corporate policies for system security

In this assignment, you will develop corporate policies for system security monitoring, patch management, and updates that cover both wired and wireless components. A web search will provide multiple examples of policy documents. The following resources may also be helpful as you draft your policy documents:

  • SANS. No date. https://www.sans.org/blog/cis-controls-v8/?msc=main-nav . https://www.sans.org/critical-security-controls/?msc=main-nav
    • This resource provides a list of case studies highlighting how security professionals have made improvements in their security controls.
  • SANS. No date. Security Policy TemplatesLinks to an external site.. https://www.sans.org/information-security-policy/
    • This resource provides a number of security policy templates that might be helpful in drafting your policy documents.

The specific course learning outcome associated with this assignment is:

  • Recommend best practices for monitoring, updating, and patching systems.

Instructions

Write a paper in which you:

  • Establish a system security monitoring policy addressing the need for monitoring, policy scope, and exceptions and supported by specific, credible sources.
    • Justify the need for monitoring.
    • Define the scope of the policy (the personnel, equipment, and processes to which the policy applies).
    • Provide guidelines for policy exceptions, if approved by the IT and Security departments.
  • Establish a system security patch management and updates policy addressing the need for patch management and updates, policy scope, and exceptions and supported by specific, credible sources.
    • Justify the need for patch management and updates, aligned with ISO/IEC 27002.
    • Define the scope of the policy (the personnel, equipment, and processes to which the policy applies).
    • Provide guidelines for policy exceptions, if approved by the IT and Security departments.
  • Support your main points, assertions, arguments, or conclusions with at least four specific and credible academic sources synthesized into a coherent analysis of the evidence.
    • Cite each source listed on your source page at least one time within your assignment.