The policy must include its mission statement for the cmi goals and objectives and how to fulfill this mission by enforcing the enterprise security policy and following security standards, procedures, and guidelines.
For this assignment, you will write an enterprise security policy to address security issues at CMI and improve security posture. Based on your risk assessment on CMI, you will write a security policy to address security vulnerabilities with appropriate administrative, technical, and operational controls. The security policy is an overarching document to present the CMI goals and objectives as a strategic document that helps the organization to create further defined security standards, procedures, and guidelines.
This assignment is based on the Cyber Marketing Inc. Case Study provided in this course. The CMI network diagram (Links to an external site.) (opens in a new browser window) is shown below for your convenience but is also available in the CMI Case Study.
You will prepare an enterprise security policy based on the CMI case study to prevent future vulnerabilities and improve security posture. The policy should include specific goals and objectives of the organization’s mission and how to successfully fulfill the mission. Based on the CMI vulnerabilities, the policy should focus on mitigation procedures and prevention of cyber vulnerabilities by enforcing security policies.
You will ensure security controls of administrative, operational, and technology will remain effective by enforcing the enterprise security policy. The policy must include its mission statement for the CMI goals and objectives and how to fulfill this mission by enforcing the enterprise security policy and following security standards, procedures, and guidelines.
5-10 pages of APA formatted paper, should be a deliverable to CMI who will enforce the security policy to improve the CMI enterprise security posture. include the following sections.
Enterprise Security Policy Scope
Enterprise Security Policy Details in specific area of network operations
Enterprise Security Policy Enforcement Procedures and Measurements
Expected security policy outcomes
A list of references for in-text citations