Answered step by step
Verified Expert Solution
Link Copied!

Question

1 Approved Answer

Scenario: You are the IT Security Manager of XYZ Credit Union that has multiple branches throughout the region. Write an acceptable use policy (AUP) for

Scenario: You are the IT Security Manager of XYZ

Credit Union that has multiple branches throughout the region. Write an acceptable use policy (AUP) for XYZ Credit Union that wants to monitor and control use of the Internet by implementing content filtering; wants to eliminate personal use of organization-owned IT assets and systems; wants to monitor the use of the e-mail system by implementing e-mail security controls; and wants to implement this policy for all the IT assets it owns and to incorporate this policy review into its annual security awareness training. Your policy must contain the following headings:

XYZ Credit Union

Policy Heading {To identify the topic}

Policy Statement {Mandatory directive.}

Introduction {To frame the document.}

Policy Goals/Objectives {Insert the policy's goals as well as its objectives; to convey intent.}

Scope {Define this policy's scope and whom it covers. Which of the seven domains of a typical IT infrastructure are impacted? What elements, IT assets, or organization-owned assets are within this policy's scope?}

Standards {Does this policy point to any hardware, software, or configuration standards? If so, list them here and explain the relationship of this policy to these standards.}

Procedures {In this section, explain how you intend to implement this policy throughout this organization.}

Guidelines {In this section, explain any roadblocks or implementation issues that you must overcome and how you will overcome them per the defined policy guidelines.}

Policy Exceptions {To acknowledge exclusions}

Policy Enforcement Clause {Violation sanctions}

Administrative Notations {Additional information}

Policy Definitions {Glossary of terms}

Version Control {To track Changes}

Answer the following questions:

2. As the IT Security Manager, who would you involve to write this policy?

3. How do you train the employees?

4. How do you measure and enforce the policy?

5. When will this policy be updated?

6. Who will approve the policy?

7. How did you determine the length of the policy?

Please justify the length of your policy.

8. Why must an organization have an acceptable use

policy (AUP) even for non-employees, such as

contractors, consultants, and other third parties?

9. What security controls can be deployed to monitor

and mitigate users from accessing external websites that

are potentially in violation of an AUP?

10. What security controls can be deployed to monitor

and mitigate users from accessing external webmail

systems and services (that is, Hotmail, Gmail, Yahoo,

etc.)?

11. Please cite your sources

Step by Step Solution

There are 3 Steps involved in it

Step: 1

blur-text-image

Get Instant Access to Expert-Tailored Solutions

See step-by-step solutions with expert insights and AI powered tools for academic success

Step: 2

blur-text-image

Step: 3

blur-text-image

Ace Your Homework with AI

Get the answers you need in no time with our AI-driven, step-by-step assistance

Get Started

Recommended Textbook for

Accounting Information Systems The Crossroads Of Accounting And IT

Authors: Donna Ulmer, Donna Kay, Ali Olia

1st Edition

0132132524, 9780132132527

More Books

Students also viewed these Accounting questions

Question

Speak clearly and distinctly with moderate energy

Answered: 1 week ago

Question

Get married, do not wait for me

Answered: 1 week ago