IT 242 week 1 Assignment: Introduction to the Information Security Policy - 13077

Solution Detail
Price: $8.00
  • From: ,
  • Posted on: Thu 26 Jul, 2012
  • Request id: None
  • Purchased: 0 time(s)
  • Average Rating: No rating
Request Description

1.     Assignment: Introduction to the Information Security Policy

 

Purpose of Assignment

Students are required to select a company profile to be used for their Information Security Policy. This section of the Information Security Policy project requires that students complete the Introduction section, providing a brief overview of the company and the security goals to be achieved as relates to their selected business scenario. This section requires an overview of which type of security policy—program-level, program-framework, issue-specific, or system-specific—is appropriate to their selected business scenario and why. This section also requires students to explain the security goals in terms of confidentiality, integrity, and availability.

 

Resources Required: Appendix C

 

·         Select one of the company profiles below to be used for your Information Security Policy

 

1)     Company 1: The Bloom Design Group is a company that offers interior design services to businesses and individuals throughout the world. Bloom has a corporate office in New York and a second office in Los Angeles. The company’s website features a virtual decorating tool, which offers clients the chance to play with different color and design schemes. This tool allows their clients to get an idea of what a design project would look like once it is completed, before actually making color and design decisions. The website also gives interior designers access to their client files and company style guides, as well as create the ability to electronically process orders for design materials and furniture. The designers use a secure login and a password to gain access to the website and its features. The company's workforce spends all its time working remotely and accessing the corporate network using a secure VPN.

2)     Company 2: Sunica Music and Movies is a local multimedia chain with four locations. Each store has been acting independently of one another and has difficulty coordinating customer sales from one store to another based on inventory. Because of poor communications, revenue and customer base have been lost due to jumbled inventory from store to store, decentralized accounting, and no Internet-based commerce. With the successful implementation of a WAN solution, all stores will have the ability to access a centralized database for inventory and dynamically reorder stock based on sales. Each location will tunnel all financial transactions through a central accounting package, eliminating bookkeeping errors, and centralizing the company finances. All transactions and customer inventory browsing will be done through a web interface and custom intranet website. To meet their need for an Internet customer base, web servers will be located in their data center and will tie in to the company’s accounting and transaction servers to provide real-time sales and inventory information to customers.

 

·         Complete the Introduction portion of the Information Security Policy. Include the following:

 

    • An overview of the company
    • The security goals to be achieved

 

·         Refer to the Introduction Template in Appendix C for the correct format for this assignment.

 

Grading Guide

Appendix C corresponds to Section 2 of Appendix B in the final compilation due in Week Nine.

 

Grading Form for Introduction to the Information Security Policy, Due in Week One

 

Content and Development  70 Points

Points Earned XX/70

All key elements of the assignment are covered in a substantive way.

 

•     Section 1.1 provides a 100- to 200-word overview of the company.

 

•     Section 1.2 covers which type of security policy is appropriate to their selected scenario and why.

 

•     Section 1.3 provides a high-level view of the security policy goals for the selected scenario.

 

o    Section 1.3.1 explains how the policy will satisfy the confidentiality goals of the company and protect the company’s information

 

o    Section 1.3.2 explains how the policy will satisfy the integrity goals of the company through providing rules for authentication and verification, including a description of formal methods and system transactions.

 

o    Section 1.3.3 explains how the policy will satisfy the availability goals of the company through back-up and recovery, access control, and quality of service.

 

The content is comprehensive, accurate, and persuasive.

 

The completed project sections develop a central theme or idea, directed toward the appropriate audience.

 

The completed project sections link theory to relevant examples and uses the vocabulary of the theory correctly.

 

Major points are stated clearly; are supported by specific details, examples, or analysis; and are organized logically.

 

Readability and Style  15 Points

Points Earned XX/15

Paragraph transitions are present, logical, and maintain the flow throughout the paper where applicable.

 

The tone is appropriate to the content and assignment.

 

Sentences are complete, clear, and concise.

 

Sentences are well constructed, with consistently strong, varied sentences.

 

Sentence transitions are present and maintain the flow of thought.

 

Mechanics 15 Points

Points Earned XX/15

The completed project sections follow formatting as indicated in the Appendix C template.

 

The completed project sections are laid out with effective use of headings, font styles, and white space.

 

Rules of grammar, usage, and punctuation are followed.

 

Spelling is correct.

 

Total  100 Points

Points Earned XX/100

Overall Comments:

 

Solution Description

1.     Assignment: Introduction to the Information Security Policy

 

Purpose of Assignment

Students are required to select a company profile to be used for their Information Security Policy. This section of the Information Security Policy project requires that students complete the Introduction section, providing a brief overview of the company and the security goals to be achieved as relates to their selected business scenario. This section requires an overview of which type of security policy—program-level, program-framework, issue-specific, or system-specific—is appropriate to their selected business scenario and why. This section also requires students to explain the security goals in terms of confidentiality, integrity, and availability.

 

Resources Required: Appendix C

 

Attachments
IT 244 Week 1 - APPENDIX C (university of odambia).doc
IT 244 Week 1 -...