5-2 Information Technology Risk Analysis and Cyber Security Policy Assignment, Part 2

 Submit your creation of a cyber-security policy. (Please note: You must use the information that was identified in the risk analysis paper and create an organizational cyber-security policy.) The cyber-security policy will assess how the organization will interpret security issues that occur in the workplace. The cyber-security policy will also distinguish and examine ethical issues in the workplace that pertain to social media, email, and privacy. 

The paper is pertaining to the Twitter data breach that happened earlier this year. No need to go back over the breach but rather a policy to mitigate the security issues within the workplace as identified above.

IT 659 Information Technology Risk Analysis and Cyber Security Policy Part 2 Guidelines and Rubric

In the second portion of this assessment, you create an organizational cyber-security policy using the information that was identified in the risk analysis paper.

Prompt: You will submit your creation of a cyber-security policy. The cyber-security policy will assess how the organization will interpret security issues that
occur in the workplace. The cyber-security policy will also distinguish and examine ethical issues in the workplace that pertain to social media, email, and
privacy.

Specifically the following critical elements must be addressed:

1. Compose an organizational security policy that protects the confidentiality, integrity, and availability of the organization’s data.
2. Evaluate the current U.S. cyberlaws; state statutes; and criminal, civil, private, and public laws and compare them with the organizational security policy

to ensure compliance.
3. Assess the network cyber-security policy to determine if the policy is able to minimize risks and vulnerabilities.
4. Develop security policy sections that identify acceptable use for users pertaining to privacy, social media, email usage, an d internet usage in the

workplace.

Guidelines for Submission: Your paper must be submitted as a three- to five-page Word document with double spacing, 12-point Times New Roman font, one-
inch margins, and at least three sources cited in APA format.

Critical Elements Exemplary (100%) Proficient (90%) Needs Improvement (70%) Not Evident (0%) Value

Organizational

Security Policy

Meets “Profi ci ent” cri teri a

s uppl emented wi th exampl es to
s upport thi nki ng

Compos e an organi zati onal

s ecuri ty pol i cy that protects the
confi denti al ity, i ntegri ty, and
avai l ability of the organi zati on’s
data

Organi zati onal s ecurity pol i cy

that protects the confi denti al ity,
i ntegri ty, and avai l ability of the
organi zati on’s data i s mi ni mally
compos ed

An organi zati onal s ecurity policy

that protects the confi denti al ity,
i ntegri ty, and avai l ability of the
organi zati on’s data i s not
evi dent

20

Compliance Meets “Profi ci ent” cri teri a

s ubs tanti ated wi th res earch-
bas ed evi dence to s upport
fi ndi ngs

Eval uate the current U.S.

cyberl aws ; s tate s tatutes ; and
cri mi nal , ci vil, pri vate, and
publ i c l aws and compare them
wi th the organi zati onal s ecurity

pol i cy to ens ure compl i ance

Eval uati on of the current U.S.

cyber l aws ; s tate s tatutes ;
cri mi nal , ci vil, pri vate, and
publ i c l aws and compari son
wi th the organi zati onal s ecurity

pol i cy to ens ure compl i ance i s
l acki ng i n detai l and/or accuracy

Does not eval uate the current

U.S. cyber l aws ; s tate s tatutes ;
and cri mi nal , ci vil, pri vate, and
publ i c l aws and compare them
wi th the organi zati onal s ecurity

pol i cy to ens ure compl i ance

20

Risks and
Vulnerabilities

Meets “Profi ci ent” cri teri a
s upported wi th exampl es to
s upport the ri s ks and

vul nerabi l ities that were
as s es s ed

As s es s the network cyber-
s ecuri ty pol i cy to determi ne i f
the pol i cy i s abl e to mi ni mi ze

ri s ks and vul nerabiliti es

As s es s ment of the network
cyber-s ecuri ty pol i cy to
determi ne i f the pol i cy i s able to

mi ni mi ze ri s ks and
vul nerabi l ities i s mi ni mal

As s es s ment of the network
cyber-s ecuri ty pol i cy to
determi ne i f the pol i cy i s able to

mi ni mi ze ri s ks and
vul nerabi l ities i s not evi dent

20

Security Policy
Sections

Meets “Profi ci ent” cri teri a
s ubs tanti ated wi th expl i ci t

detai l s i n each s ecuri ty pol i cy
s ecti on

Devel op s ecuri ty pol i cy s ecti ons
that i denti fy acceptabl e us e for

us ers pertai ni ng to pri vacy,
s oci al medi a, emai l us age, and
i nternet us age i n the workpl ace

Devel opment of s ecuri ty pol i cy
s ecti ons that i denti fy

acceptabl e us e for us ers
pertai ni ng to pri vacy, s oci al
medi a, emai l us age, and
i nternet us age i n the workpl ace

i s l acki ng i n detai l

Devel opment of s ecuri ty pol i cy
s ecti ons that i denti fy
acceptabl e us e for us ers
pertai ni ng to pri vacy, s oci al
medi a, emai l us age, and
i nternet us age i n the workpl ace

i s not evi dent

20

Articulation of
Response

Submi s s i on i s free of errors
rel ated to ci tati ons , grammar,
s pel l i ng, s yntax, and
organi zati on and i s pres ented i n

a profes s i onal and eas y-to-read
format

Submi s s i on has no major errors
rel ated to ci tati ons , grammar,
s pel l i ng, s yntax, or organi zati on

Submi s s i on has major errors
rel ated to ci tati ons , grammar,
s pel l i ng, s yntax, or organi zati on
that negati vel y i mpact

readabi l ity and arti culation of
mai n

i deas

Submi s s i on has criti cal errors
rel ated to ci tati ons , grammar,
s pel l i ng, s yntax, or organi zati on
that prevent unders tandi ng of

i deas
20

Earned Total 100%