or email us
CIS 462 WEEK 4 ASSIGNMENT 1 IT SECURITY POLICY FRAMEWORK
Establishing an effective Information Technology Security Policy Framework is critical in the development
of a comprehensive security program. Additionally, there are many security frameworks that organizations
commonly reference when developing their security programs. Review the security frameworks provided
by NIST (SP 800-53), ISO / IEC 27000 series, and COBIT. Assume that you have been hired as a
consultant by a medium-sized insurance organization and have been asked to draft an IT Security Policy
You may create and / or assume all necessary assumptions needed for the completion of this
Write a three to five (3-5) page paper in which you:
1. Select a security framework, describe the framework selected, and design an IT Security Policy
Framework for the organization.
2. Describe the importance of and method of establishing compliance of IT security controls with
U.S. laws and regulations, and how organizations can align their policies and controls with the
3. Analyze the business challenges within each of the seven (7) domains in developing an effective
IT Security Policy Framework.
More Details hidden…