Security Standards, Policies, And Procedures Manual

Cyber security engineers are responsible for safeguarding computer networks and systems in an organization in order to protect the sensitive data they store.

Take on the role of Cyber Security Engineer for the organization you chose in Week 1.

Develop a 5- to 6-page manual using the Security Standards, Policies, and Procedures Template, with recommendations to management of security standards, policies, and procedures that should be implemented in your chosen organization.

Research and include the following:

  • Explain the importance to your organization of implementing security policies, plans, and procedures. Discuss how security policies, plans, and procedures will improve the overall security of the organization.
  • Recommend appropriate policies and procedures for:
  • Data privacy
  • Data isolation
  • NDA
  • IP Protection
  • Passwords
  • Acceptable use of organizational assets and data
  • Employee policies (separation of duties/training)
  • Risk response
  • Avoidance
  • Transference
  • Mitigation
  • Acceptance
  • Compliance examples that might affect your organization or others [Regulatory, Advisory, Informative]
  • ISO
  • NIST
  • SEC
  • Sarbanes/Oxley
  • Incident response
  • Preparation
  • Identification
  • Containment
  • Eradication
  • Recovery
  • Lessons learned
  • Auditing
  • Environmental/Physical
  • Administrative
  • Configuration