Discussion: IT Security Policy Enforcement
Read the following Scenario:
Imagine you work for a Department of Defense (DoD) organization with direct ties to the U.S. government. You are a supplier of military products. Your organization has three different levels of management, and of those levels two different unions exist. The majority of your staff is in a non-supervisory union. Your organization had approximately 7,000 workers, which are located across the United States in 35 locations. You also have contractors. You have developed an Internet use policy along with a physical access policy and implemented them. You must modify these policies as soon as possible because of a recent security breach that exposed flaws in both policies.
Discussion requirements
• Describe a policy monitoring and enforcement strategy for your organization.
• Identify and describe the legal implications of ISS policy enforcement after the modified policies are adapted.
• Reference your discussion.