Blog

Organizations commit to cybersecurity by way of a policy – this is how the organ

Organizations commit to cybersecurity by way of a policy – this is how the organization describes the “law” of the organization. Policies generally do not include “how” something should be implemented, just the overall commitment (the Acceptable Use is an exception to this overall rule). In later assignments, we will be describing internal standards, which would indeed describe the details of “how.”
[AC-7] Unsuccessful Login Attempts:   must enforce a limited of consecutive unsuccessful login attempts, and automatically locks the user account for a period of time until unlocked via established authentication methods, detailed in the internal standard.
or
[AC-11] Device Lock:   must prevent further access to the system by initiating a device lock after a period of inactivity and retain the device lock until the user reestablishes access using established identification and authentication procedures, detailed in the internal standard.
Note that the timings and number of times unsuccessful login attempts are not listed in a policy – these would be detailed in the internal standard.
Completion Instructions:
Section 7 of the Cyber Security Program document will contain 4 policies.
7) Policies – complete this section by providing 4 complete policies, using the template you created for the DB in this module.
Policies
Acceptable Use Policy (use what you did for the DB – and put it in the template format – you will have to add to it as the DB did not include all sections of the template).
Asset Management Policy – This is mostly provided for you by way of an example.  You should complete the blank sections.
Access Control Policy – leverage NIST 800-53r5, the Access Control family, for inspiration. There should be at least 8 policy clauses included (2 examples are provided above as examples, you can use them)
Risk Management Policy – leverage NIST 800-53r5, the Risk Assessment family, for inspiration. There should be at least 5 policy clauses included
Additional Policies
NAME at least 8 additional policies that should be created to support the organization.
Note – this is just the NAME of the policy – you do not have to create these policies.
You can list policies based on the aligned standard, such as from NIST. You may choose policies such as “Audit and Accountability” – or If you want to be more direct, policies like “Password Policy” is fine as well, or a combination of both. Ensure that your polices cover most, if not all of the landscape of the common security controls areas.
Completion
Each week, more content will be added to it, you will always turn in the entire document each time. There are additional notes and comments on the template, remove them as you move through the completion of the template. For example, for the sections due this week, all of the comments, notes, and suggested text should be removed for those sections.

Related posts:

  1. The final project consists of the development of a novel research proposal specific to your role specialization. The project must include an intervention appropriate to nursing practice and consistent with your MSN role option. An alternative to the above
  2. TO PREPARE Assignment # 2 • Reflect on the study plan you created in NRNP 6665. Did you accomplish your SMART goals? What areas of focus still present opportunities for growth? THE ASSIGNMENT
  3. Week 7 Course Project: Lifespan Development Project Deliverable #2: The Person and the Theory Lifespan Developmental Analysis of Nick Vujicic: Overcoming Adversity and Achieving Resilience This assignme
  4. Use the Health Promotion Plan – Template attached to complete this assignment. This assignment is the outline of the Patient Education Brochure that you will develop later in the course. By completing the Health Promotion Plan template, you will: