Cybersecurity

Return to the Cybersecurity Project List

Project 4: Security Policies

Project Overview

Purpose:
Information security policies provide a framework for how an organization protects its assets and is a safeguard that the organization employs to reduce risk. Students examine why an organization develops information security policies and the differences between policies, standards, guidelines, and procedures. They will then create information security policies to mitigate existing vulnerabilities exposed by a third-party audit.

Courses for Implementation:

  • Security+

Key Terms/Major Topics:

  • Key terms: Policies, Security Policies
  • Technical skills: Analyze current security vulnerabilities; identify and construct a series of security policies to address each vulnerability identified.
  • Employability skills:
    1. Teamwork. Work constructively and respectfully in teams to research and prioritize vulnerabilities and construct security policies designed to mitigate identified vulnerabilities.
    2. Problem solving. Prioritize a list of security vulnerabilities and identify countermeasures in the form of security policies and operational procedures, and proceed to develop and plan for implementing the recommended policies.
    3. Written communications. Communicate in writing the relevance and implementation of specific security policies and procedures, and a plan for implementation and dissemination.
    4. Verbal Communications (optional). Demonstrate effective verbal communication skills to present and refine one's recommended policy to ACME Managers.

Equipment/Materials:

Estimated Time Required: 2 hours