Create the following security policies for the company described in the Course Security Scenario. State any assumptions that you make, or details that you might add that add depth, texture, or provide a foundation for your policies. Your goal is to create effective policies that represent modern systems assurance security practices and planning.
- Acceptable Use (2 pages).
- Workstation Security for a regulated health care environment (1–2 pages).
Suggested Resources
The resources provided here are optional and support the assignment. They provide helpful information about the topics. You may use other resources of your choice to prepare for this assisgnment; however, you will need to ensure that they are appropriate, credible, and valid.
- Beyond Trust. (2017). Sample vulnerability management policy [PDF]. Retrieved from https://www.beyondtrust.com/wp-content/uploads/wp-sample-vulnerability-management-policy.pdf?1446594949
- This is a sample of a vulnerability management policy.
- United States Postal Service. (2017). Patch management process. Retrieved from https://about.usps.com/doing-business/it-policies-standards/Patch-Management-Process.htm
- This is a real-world example of a patch management process and policy.
- Breeden II, J. (2017). What is vulnerability management? Retrieved from https://www.csoonline.com/article/3238080/vulnerabilities/what-is-vulnerability-management-processes-and-software-for-prioritizing-threats.html
- This is an article explaining the details of vulnerability management.
- Kim, D., & Solomon, M. G. (2018). Fundamentals of information systems security (3rd ed.). Burlington, MA: Jones & Bartlett.
- Chapter 3, “Malicious Attacks, Threats, and Vulnerabilities,” pages 72–110.