· READINGS:
· CHAPTER 4 AND 5
NIST Standards And Guidelines
· , Chapters 2, 4, 8, 9, 10, 13, and 14 – PDF (7.8 MB)
Additional Standards And Guidelines
· , pages 5-19, 20, 36, 50, 66, 88, & 105 – PDF (1.7 MB)
Additional Required Reading
· (CA Privacy Act website)
· Review the three web pages on Ownership, Control, and Security
Briefly Review the following samples of public sector InfoSec policies:
Instructions
Based on the reading materials and the textbook, decide on the Top 10 InfoSec policies that you will recommend to the company you selected from the three options in the Week 1 Homework Assignment. The list must be prioritized: the most important policy is priority #1, the second most important is priority #2, and so on down to the tenth most important policy at priority #10 (this does not make it the “least important” policy; they should all be important). Each policy on the list should have a policy title/subject and 2-4 sentences that describe/highlight the purpose of the policy. In addition, justify the priority order of the top 5 policies by providing 3-4 paragraphs that explain why you prioritized them in that particular sequence, as if you were justifying the list to the Owner/CEO.

Assignment outcomes: (1) Prioritized list of top 10 InfoSec policies (with descriptions) and (2) justification for the sequence of the top 5 policies.
Below is the option chosen from week one
Option #1:
· Company Overview: Financial Services company, privately owned (LLP), providing brokerage services for investments and loans, with a primary office in San Diego (Kearny Mesa) and three field offices (in Vista, Poway, and El Cajon)
· Company Size: Small Business – 40 employees in total; 1 Branch Manager and 6 staff at each field office, and the Management Team, an Office Manager, and 15 staff at the main office
· Management Team: The Owner/CEO, CFO, and COO
· IT/Security Services: They contract with third parties for all IT services, which are managed by the COO; they have no internal IT staff and no cybersecurity staff
· Company’s Mission: To provide the best brokerage services for our customers, with high rates of return and lowest fees
· Technical Environment: They use PCs running Windows 10; an office application suite runs locally on each PC; shared financial applications run from cloud-based services; email is provided through cloud-based services with the capability to send digitally signed, encrypted messages; shared file storage is provided through cloud-based services, with the ability to encrypt files or entire folders/directories; they have a secure Fax machine in each office