Q-(3): Read the following case study and develop a Information Security Policy (IPS). Unforeseen or undesirable events with harmful consequences for organisations can be referred to as threats, and Information System threats can be both internal and external . Internal threats are caused by people working within an organisation, primarily due to unprotected private access to organisational information about operations and processes. External threats come from entities outside an organisation. Implementation of Information system policy is negatively affected by human error, which is the most common issue when applying ISPs .For example, unintentional data entry, editing or modification may lead to social, economic or physiological losses, which are challenging issues to manage. Human error can also include rigidness in user behaviour related to accepting ISPs. This rigidness can lead to alterations in human performance, causing deviations from preferred success paths and resulting in unplanned results.An organisation must address all possible human errors while writing ISPs because such errors can be critical for any organisation if not handled competently. Major causes of the occurrence of human errors include lack of knowledge or skills related to IS. Unforeseen or undesirable events with harmful consequences for organisations can be referred to as threats, and IS threats can be both internal and external [10]. Internal threats are caused by people working within an organisation, primarily due to unprotected private access to organisational information about operations and processes [11]. External threats come from entities outside an organisation. Implementation of ISPs is negatively affected by human error, which is the most common issue when applying ISPs [1214]. For example, unintentional data entry, editing or modification may lead to social, economic or physiological losses, which are challenging issues to manage. Human error can also include rigidness in user behaviour related to accepting ISPs. This rigidness can lead to alterations in human performance, causing deviations from preferred success paths and resulting in unplanned results [15]. An organisation must address all possible human errors while writing ISPs because such errors can be critical for any organisation if not handled competently [13]. Major causes of the occurrence of human errors include lack of knowledge or skills related to IS [14]; Unforeseen or undesirable events with harmful consequences for organisations can be referred to as threats, and IS threats can be both internal and external [10]. Internal threats are caused by people working within an organisation, primarily due to unprotected private access to organisational information about operations and processes [11]. External threats come from entities outside an organisation. Implementation of ISPs is negatively affected by human error, which is the most common issue when applying ISPs [1214]. For example, unintentional data entry, editing or modification may lead to social, economic or physiological losses, which are challenging issues to manage. Human error can also include rigidness in user behaviour related to accepting ISPs. This rigidness can lead to alterations in human performance, causing deviations from preferred success paths and resulting in unplanned results [15]. An organisation must address all possible human errors while writing ISPs because such errors can be critical for any organisation if not handled competently [13]. Major causes of the occurrence of human errors include lack of knowledge or skills related to IS [14];