Week 5 Assignments- Maps to Course Obj. 6
: Chapter 4, Management of Information Security, 3e.
: Powerpoint Slides, Chapter 4, located in Course Documents, Lecture Notes
: SANS Security Policy Project
Learning Objectives - Week 5
• Define information security policy and understand its central role in a successful information security program
• Recognize the three major types of information security policy and know what goes into each type
• Develop, implement, and maintain various types of information security policies
Write a research report to consider the two approaches described in your text to developing an information security policy (SecSDLC and ISPME). In your opinion, answer the following:
1. How are they similar? How are they different?
2. Is there another approach that might be used?
3. Which is might be suited for use by a smaller organization? Why?
4. Which is might be suited for a larger organization? Why?
5. What criteria you would consider before making a recommendation for adopting a formal approach to policy development?
Use external sources only, provide examples and evidence to support your report
Assignment 5.2 (post to the Week 5 Forum)
This assignment is worth 75points; 25 points for each of your original postings, and 25 points for participation.
This week's assignment is in two parts: (post in separate messages)
a. Consider your incident response plan you created last week for your home computer, and draft a generic sample issue-specific policy that would be useful to any home computer user. Let's use the premise that this plan would be available to the general public.Post to the forum.
b. Examine at least two policies. Form an opinion and get a second opinion on their usability. You might use a family member, or a work colleague. Include those opinions in your responses to other students.
Minimum Posting Requirements: You must post at least five messages to get credit for participation. The first message is your original posting, due by Wed. At least two of the other messages must be responses to other student original postings. This is a pass/fail type of grade. If you meet the minimum requirements you get the points. If you do not meet the minimum requirements, you'll get no points for participation. Messages must be posted on more than one day. Don't wait until the last minute!
Group Assignment-Week 5
This assignment is worth 50 points.
As a group, determine a best response to the Case Exercises for RWW, Inc. at the end of the chapter. Use your group forum area for discussion, located under the Groups button to the left...
Have one person in your group post the group consensus, labeled as "Week5 Post - Grade Me" to your group forum.
Assignment 5.3 (Post to your Blog)
This assignment is worth 20 points.
Time to start adding to that blog! If you are not sure what to include, you might want to re-read the assignment located at the top of the Week 1 Assignments.