Cybersecurity Policy.docx - Running head: CYBERSECURITY...

This preview shows page 1 - 4 out of 7 pages.

Running head: CYBERSECURITY POLICY1Cybersecurity PolicyStrayer UniversityCIS598 Information Assurance CapstoneDr. Randy ArvayAugust 23, 2020
CYBERSECURITY POLICY2PrincipleThis cybersecurity policy lays down a set of rules for the people who will be accessing thelaw firm’s company network. The objective of this cybersecurity policy is to inform all the usersof the company’s network, like the employees, authorized users, and contractors of the obligatoryrequirements. That applies to them regarding the protection of the technology and the assetsbeing used in the law firm.ObjectiveThe document will describe all the technological assets and company information. The usersneed to protect as well as the threats that face these assets. Further, the policy lays down theprivileges and the responsibilities of each user. Questions to be answered include what theacceptable usage situations of the company infrastructure and data are? What rules define howinternet access is to be done? Apart from giving answers to these questions, the policy will alsolay down the limitations the users have and the penalties to be incurred once one violates thepolicy. Finally, the policy document will describe the security testing methodology you woulduse to facilitate the assessment of technical controls.Policy StatementAll data is accessed over the law firm’s networks, and computers that have not been termedas belonging to any third party will be termed as an asset of the law firm. This policy prohibitsunauthorized access, duplication, disclosure, diversion, modification, misuse, and all other illegalusages of this information. In case any third-party information has been given to the law firm, itis under the protection of the law firm in a manner that is consistent with the data’s sensitivity asstipulated by the policy.
CYBERSECURITY POLICY3ResponsibilitiesTheChief Information Officerhas the responsibility to establish, maintain, implement,administer, and interpret the security policies of all the information systems, the standards,procedures, and guidelines to be used in the law firm. However, all the employees in the law firmhave the responsibility to secure the information systems each day. The guidance, authority, and

Upload your study docs or become a

Course Hero member to access this document

Upload your study docs or become a

Course Hero member to access this document

End of preview. Want to read all 7 pages?

Upload your study docs or become a

Course Hero member to access this document

Term
Fall
Professor
N/A
Tags

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture