Propose a Security Policy for Majestic Conveyance
Assignment: Prepare a well-written security policy proposal for your organization that utilizes the concepts learned in the course as a basis for your analysis and policy.
The company was already chosen and its name is Majestic Conveyance and it is a delivery company that is growing and competing with USPS, UPS, and Fedex. I have attached a copy of my basic info on the company and you may make assumptions on the rest of the company to complete the assignment.
Make sure that your proposal includes the basic elements of a good security policy including:
- Introduction describing your organization and describing its mission, products/services, technical resources, and technical strategy
- Analysis of the organizationâ€™s relationships to its clients/customers, staff, management, and owners or other stakeholders
- A vulnerability assessment
- Your recommendation, including:
- Proposed remedial measures (as appropriate to the situation; these might include firewall/gateway provisions, authentication and authorization, encryption systems, intrusion detection, virus detection, incident reporting, education/training, etc.)
- Proposed code of ethics or code of practice to be applied within the organization
- Legal/compliance requirements and description of how they will be met
- Proposed security policy statement/summary
Important: Your proposal must justify every element of your proposal in ethical and legal terms. In other words, you need to state why each policy/code element (including technical elements) is good for business and why it is good/sound ethical policy (how it is good for the organization and why it is good for customers, users, or employees, or the public). Also identify any ethical/legal tensions, conflicts, and/or contradictions and justify any trade-offs being made in the recommendation.
Discuss and cite at least three credible or scholarly sources other than the course textbooks (which can be cited as well) to support your analysis and policy choices. The CSU-Global Library is a good place to find credible and scholarly sources. Your paper should be 8-10 pages in length with document and citation formatting per the CSU-Global Guide to Writing & APA.
Recommendation: It is recommended that students review Chapter 8 in the course textbook, which is required reading for Module 6, early in the term and apply the knowledge therein to planning and drafting the Portfolio Project. In Chapter 8 (and also in the early part of Chapter 10), the textbook author discusses the role of a security policy in the compliance of an organization. He observes that in response to public outcry in the 1990s, governments went on a binge passing laws to regulate the new Internet. But privacy advocates pushed back and by the early 2000s, the result of much politicking was a mixed system of sectoral laws (dealing with specific situations) and largely voluntary norms. These norms were adopted by organizations and enshrined in security and privacy policies regarding data and networking. Kizza (2011) made the point that, â€œA good, balanced and unified approach to information security compliance consists of a good security policy that effectively balances and enforces core information security and compliance elementsâ€ (p. 184).