Discuss each component and specific information to included

Project Homework: IT Security Policy Framework


Depending on the situation, IT disaster recovery is a stand-alone concern or part of a broader business continuity effort. This considers types of backup sites, office PCs, and the restoration of data and programs. IT disaster recovery looks specifically at the technical aspects of how a company can get IT back into operation using backup facilities. IT disaster recovery is a business concern because decisions that seem purely technical may have major implications for the business that IT professionals may not accept and should not have the authority to make.

Review information assurance policy templates via the SANS policy template site. You can find this through Security Policy Templates found under Project: IT Security Policy Framework Resources located on the Project: IT Security Policy Framework Homework page. Also use feedback from your Project: Security Policy Implementation Homework, and select a template of your choice; such as the General / Acceptable Encryption Policy to download either the doc or pdf file. Utilize the downloaded template, from the SANS Policy website, feedback from your first project, and the Project Grading Rubric as a guide to provide a 5 pages write-up presenting an information assurance policy of your choice for a hypothetical company or an existing organization of your interest. You will need to have the following components included in your proposed information assurance policy:

1) Overview
2) Purpose
3) Scope
4) Policy Compliance
5) Related Standards
6) Definitions
7) Terms


Discuss each component and the specific information to be included within each section of the policy.

Support your paper with five recent (last five years) peer-reviewed resources. In addition to these specified resources, other appropriate scholarly resources, including older articles, may be included.