Case Study Assignment: Acceptable Use Policy
An Acceptable Use Policy (AUP) is a very important policy within organizations to define acceptable employee behavior when accessing company resources. Additionally, there are also legal implications within AUPs. Use an existing AUP that you are familiar with, such as from a current or previous workplace, or search on the Internet for an example AUP to complete this case study.
Write a three to five page paper in which you:
1. Describe the purpose of an Acceptable Use Policy you have selected and explain how the AUP helps provide confidentiality, integrity, and availability within the organization.
2. Critique the AUP you selected and provide recommendations for improving the AUP.
3. Explain methods that organizations can implement to help ensure compliance with the AUP, mitigate their risk exposure, and minimize liability. Describe how your selected AUP accomplishes these goals.
4. Describe methods for increasing the awareness of the AUP, and other policies, within the organization.
5. Use at least three quality resources in this assignment. Note: Wikipedia and similar Websites do not qualify as quality resources.
Format your assignment according to the following formatting requirements:
1. The answer should be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides.
2. The response also includes a cover page containing the title of the assignment, the student's name, the course title, and the date. The cover page is not included in the required page length.
3. Also include a reference page. The Citations and references should follow APA format. The reference page is not included in the required page length.
The specific course learning outcomes associated with this assignment are:
• Analyze how security policies help mitigate risks and support business processes in various domains in the information technology (IT) infrastructure.
• Describe the different ISS policies associated with the user domain.
• Describe different issues related to implementing and enforcing ISS policies.
• Use technology and information resources to research issues in security strategy and policy formation.
• Write clearly and concisely about Information Systems Security Policy topics using proper writing mechanics and technical style conventions.