Choose an organization( software,cell phone,bank etc) and identify its mission or objective.
Identify its motivation for security policy and security policies they have. Note that security policy includes enterprise infoscience program policy,issue specific infosec policy,system specific infosec policy.
3 diiferent individual reports should have a security policy and provide 2 pages of security policy.
Ensure to address the following:
1) Are the exisiting policy obselete?
2) Does it need change to include current security developments
3) For each change indicate why such change is neccessary. How such changes faciliate organization functionality?