Week 1 Laboratory
Part 1: Craft an Organization-Wide Security Management Policy for Acceptable Use
Learning Objectives and Outcomes
Upon completing this lab, students will be able to complete the following tasks:
Define the scope of an acceptable use policy as it relates to the User Domain
Identify the key elements of acceptable use within an organization as part of an overall security management framework
Align an acceptable use policy with the organization’s goals for compliance
Mitigate the common risks and threats caused by users within the User Domain with the implementation of an acceptable use policy (AUP)
Draft an acceptable use policy (AUP) in accordance with the policy framework definition incorporating a policy statement, standards, procedures, and guidelines
Part 1 – Craft an Organization-Wide Security Management Policy for Acceptable Use Worksheet
Overview
In this hands-on lab, you are to create an organization-wide acceptable use policy (AUP) that follows a recent compliance law for a mock organization. Here is your scenario:
Regional ABC Credit union/bank with multiple branches and locations throughout the region
Online banking and use of the Internet is a strength of your bank given limited human resources
The customer service department is the most critical business function/operation for the organization
The organization wants to be in compliance with GLBA and IT security best practices regarding its employees
The organization wants to monitor and control use of the Internet by implementing content filtering
The organization wants to eliminate personal use of organization owned IT assets and systems
The organization wants to monitor and control use of the e-mail system by implementing e-mail security controls
The organization wants to implement this policy for all the IT assets it owns and to incorporate this policy review into an annual security awareness training
Instructions
Using Microsoft Word, create...