StudyDaddy Information Systems I need help with writing paper on the attached document

I need help with writing paper on the attached document

ISSP Policy on {Issue} for {Case Organization} , {Your Name}

ISSP on {Issue} for {Case Organization}

In this section the student should write a complete ISSP on the topic provided, using the outline below, as described in the text to serve as an example the organization can follow in writing the other ISSPs (typically 5-10 pages).. Be sure to format your final policy the same as the template (text .25” indented, 12 point Times New Roman, lines 1.5 spaced, paragraphs with 6 point space after). Everything in italics should be replaced or deleted before submitting your assignment

1. STATEMENT OF PURPOSE

The ISSP should begin with a clear statement of purpose that outlines the scope and applicability of the policy. It should address the following questions: What purpose does this policy serve? Who is responsible and accountable for policy implementation? What technologies and issues does the policy document address?

a. Scope and Applicability


b. Definition of Technology Addressed


c. Responsibilities


2. AUTHORIZED USES

This section of the policy statement explains who can use the technology governed by the policy and for what purposes. This section defines “fair and responsible use” of equipment and other organizational assets, and it addresses key legal issues, such as protection of personal information and privacy. The policy makes any use for any purpose not explicitly identified a misuse of equipment.

a. User Access


b. Fair and Responsible Use


c. Protection of Privacy


3. PROHIBITED USES

While the previous section specifies what the issue or technology can be used for, this section outlines what it cannot be used for. Unless a particular use is clearly prohibited, the organization cannot penalize employees for it. In some organizations, that which is not permitted is prohibited; in others, that which is not prohibited is permitted. In either case, be sure to state clearly the assumptions and then spell out the exceptions.

a. Disruptive Use or Misuse


b. Criminal Use


c. Offensive or Harassing Materials


d. Copyrighted, Licensed, or Other Intellectual Property


e. Other Restrictions


4. SYSTEMS MANAGEMENT

This section focuses on the users’ responsibilities with regard systems and data management. A company may want to issue specific rules regarding the use of e-mail and electronic documents, and storage of those documents, as well as guidelines about authorized employer monitoring and the physical and electronic security of e-mail and other electronic documents. This should also address retention policies, and the minimum and maximum times certain files may be retained and how, in accordance with relevant laws, regulations and guidelines. The Systems Management section should specify users’ and systems administrators’ responsibilities, so that all parties know what they are accountable for.

a. Management of Stored Materials


b. Employer Monitoring


c. Virus Protection


d. Physical Security


e. Encryption


5. VIOLATIONS OF POLICY

This section specifies the penalties and repercussions of violating the usage and systems management policies. Penalties should be laid out for each violation. This section should also provide instructions on how to report observed or suspected violations, either openly or anonymously, because some employees may fear that powerful individuals in the organization could retaliate against someone who reports violations. Anonymous submissions are often the only way to convince individual users to report the unauthorized activities of other, more influential employees.

a. Procedures for Reporting Violations


b. Penalties for Violations


6. POLICY REVIEW AND MODIFICATION

Every policy should contain procedures and a timetable for periodic review. This section should outline a specific methodology for the review and modification of the ISSP, so as to ensure that users always have guidelines that reflect the organization’s current technologies and needs.

a. Scheduled Review of Policy


b. Procedures for Modification


7. LIMITATIONS OF LIABILITY

The final section offers a general statement of liability or a set of disclaimers. If an individual employee is caught conducting illegal activities with organizational equipment or assets, management does not want the organization to be held liable. In other words, if employees violate a company policy or any law using company technologies, the company will not protect them and the company is not liable for their actions, assuming that the violation is not known or sanctioned by management.

a. Statements of Liability


b. Other Disclaimers


REFERENCES

Here you should describe all references and support documents used in the creation of this project in APA format. Note any document, graphic, table etc. used from an outside source must contain an in-text citation, as well as a reference here.


Have a similar question?

Continue to edit or attach image(s).

  • Fast and convenient

    Fast and convenient

    Simply post your question and get it answered by professional tutor within 30 minutes. It's as simple as that!

  • Any topic, any difficulty

    Any topic, any difficulty

    We've got thousands of tutors in different areas of study who are willing to help you with any kind of academic assignment, be it a math homework or an article.

  • 100% Satisfied Students

    100% Satisfied Students

    Join 3,4 million+ members who are already getting homework help from StudyDaddy!