Security Transport Professionals (STP) Incorporated desires to increase its share of the transportation market for high risk, sensitive, top secret, regulated “goods” by establishing itself as being t

Security Transport Professionals (STP) Incorporated desires to increase its share of the transportation market for high risk, sensitive, top secret, regulated “goods” by establishing itself as being the premier freight hauler who can rise to the task of moving its customer’s product to its destination in the quickest, most efficient, confidential, safe and secure manner possible, while maintaining a comparable cost of moving and storage. This means that it wants to be identified as THE hauler who incurs the smallest amount of damage, destruction, and delays to the customer’s product while the product is in STP’s care and possession, and who transports the product in a legally defensible manner, exposing its customers the smallest legal exposure possible. STP’s objectives include having a system of management and governance of its data that is readily accessible for decision making, secure and exposes the organization to the smallest degree of risk possible. The strategic plan for achieving this organizational objective includes designing, planning, implementing, testing, auditing, evaluating, and continual updating or revising an overall organizational Information Governance program that is aligned and synchronized with the organizations’ overall strategic plans, goals and business objectives. The Information Governance program should include key concepts from records management, content management, Information Technology and data governance, information security, data privacy, risk management, litigation readiness, regulatory compliance, long-term digital preservation and business intelligence. To do this, STP recognizes that in order to support the organizational objectives, its Information Governance (IG) goal must be to design and implement a plan/program that provides for a standardized and systematized method of handling information wherein it can efficiently analyze and optimize how information is accessed, controlled, managed, shared, stored, preserved and audited.

During Phase I, you as the project manager have had an opportunity to give some thought to which members of the organization you would want to have on your IG team from those listed in the project description who have expressed an interest in assisting in the creation of the IG program at STP. You have also had an opportunity to give some thought to what you expect might be the greatest security risks that STP may face through your risk analysis and risk profile. You have had an opportunity to research the differing regulations in the different states where STP operates primarily. In Phase II you had an opportunity to consider the types of records STP deals with through your records inventory for a least one area of the organization. You have considered a records retention plan and have identified the types of records that may be periodically tagged for destruction, which should be archived, and which are subject to long term digital preservation. You are now ready to design your first Information Governance Program.

While it should go without stating, information related to each of STP’s customers and their products is highly sensitive, and in some cases top secret. You want to make sure that the IG Program that STP implements will allow STP to retain all of the information about its customers,

the product transported, and the particular haul that it is required to keep pursuant to federal and

state law. You want to insure STP that the proper information will be retained that it might need

for purposes of litigation and e-discovery. You will need to consider disaster recovery and business

continuity. You don’t want STP to keep unnecessary information for extended periods of time,

thereby increasing the cost and time involved with processing and retention, and also increasing

STP and its customers to litigation risks. Therefore, you will want to give serious consideration to

STP’s data disposition or disposal plans.

INSTRUCTIONS FOR PHASE III

You are to prepare an Information Governance Policy/Program for STP. All IG policies or

programs are somewhat different and unique to the industry and to the organization. There are a

number of sample Information Governance Policy/Program templates and samples on the internet.

Attached to the end of this document is a sample Information Governance Policy template that was

copied verbatim from the website https://www.infogovbasics.com/creating-a-policy/.

Please feel free to browse the internet to get a flavor for what an actual IG Policy/Program might

look like. If you desire, use the template attached to the end of this document as an outline for how

you might choose to format your IG Policy/Program for STP and what you might want to include

in your IG policy/program. It is certainly not a requirement that you use the attached sample as a

guideline for formatting your own. You may determine that you have something better! This

sample at the end of this document is merely attached as one example of what might be contained

in your IG policy/program, and in what format. Browse as much as you want to determine how

you want to format your own IG Policy/program, and the types of things you will include. Even if

you do decide to use the attached sample, still you are required to customize this sample to meet

the distinct characteristics and needs of STP.

Please do not misconstrue the sample/example format attached hereto. You must complete the

actual content or provide instruction for each section listed, and include your own sections where

appropriate. For example, you will see on one portion of the attached example the following:

Roles and Responsibilities

The first major section of most frameworks clearly define key roles and their responsibilities,

including:

Information Governance Committee

Information Governance Team

Information Risk Management

Information Asset Management

Records Manager

Line - of - Business Managers

Employees

“Roles and Responsibilities” is merely a category or heading for one portion of the IG

policy/program. The sentence that reads, “The first major section of most frameworks clearly

define key roles and their responsibilities including:” is nothing more than an instruction from

me to you describing the section. Then the 7 lines that follow is just an example of the key

players for this particular example. It still needs to have the roles and responsibilities inserted

and described in sentence form for each of those 7 positions listed. So you will not include in

your IG policy/program my description of what each category is used for. Please remember that

I said I want you to use sentence form. Please don’t just give me listings like each of the 7 listed

in the Roles and Responsibility example above. The IG policy/program that you submit should

be so much more than just bullet items with sentences of explanation. You will lose a significant

number of points if you decide to give me bulleted items only.

However, please, please, please do not plagiarize by copying another IG policy that you find on

the internet (or anywhere else). Remember I will run the IG Policy that you submit through a

plagiarism checker that will compare it with others on the web and with those of the other students

in the class. Where it finds a match it will give me the source. In addition, it will break down your

paper and will tell me what percentage of your entire paper was plagiarized from different sources.

If you use anything from an IG policy that you find on the Internet, please give credit to the source

so that the plagiarism issue will not come up. If you find a good IG policy/program on the internet,

or from any other source, please give credit to the source by listing it as a reference. If you use the

sample that is attached hereto, please reference it as well. References should be in the form of

endnotes, and not footnotes as footnotes would most likely detract from the IP Policy/Program.

The IG Policy that you develop should be specific to STP and unique to the organization’s needs.

Where you decide that STP should use cloud computing, mobile devices, and to the extent that you

decide that it is appropriate for STP to engage in enterprise social media, state the decisions you

have made as those things will be reflected in your IG policy. Explain any decisions or assumptions

you have made for STP that were not outlined in the description of the company.

This phase (phase III) of your project is due no later than Monday, June 25, 2018 at 11;30 p.m.

Eastern Standard Time. This is an extension for the deadline for submitting phase III and a

departure from the deadline given in the syllabus. Make sure to submit the project in WORD

format. Use 1 inch top, bottom, left and right margins on each page. Include a cover page that

will contain the Course name and number, semester term, your full name, student id, and the title

“STP INFORMATION GOVERNANCE POLICY/PROGRAM IMPLEMENTATION

PHASE III”.

This portion of the semester project is worth 10% of the overall grade. You should submit this

assignment using iLearn. Go to the content section where you will see a folder labeled

“SEMESTER PROJECT-STP”. Select that folder. You will then see selections for submitting

Phases I, II and III. Please select Phase III, then and upload the WORD document that you

created. This assignment must be submitted no later than 11:30 p.m. Eastern Standard Time on

Monday, June 25, 2018. Assignments will not be accepted late. This means that you should not

plan to contact me at 11:35 p.m. or 11:59 p.m. and tell me that you thought Phase III was due at

midnight, or any time other than 11:35 p.m.