This document serves as the case document for the organization you will be writing a security policy for. Feel free to “enhance” the case by adding details not readily available. Read through the case and do any additional expansion you feel necessary to complete the assignments. Note the case organization will change from semester to semester.  Be sure you do not rely on information from previous semesters in conducting your assignments.
Download this Word template and complete for the policy assignment. The template provides supplemental instructions and headers for the ISSP that comprises the assignment.


Assignment submission folder for the ISSP Policy:

Using the Template provided, create an Issue-Specific Security Policy for the case organization. KSU

The Case organization file for the hypothetical business is in the learning module for the Policy Project and opens in the second week of the course.

The ISSP should address the fair and responsible use of company computers & networks, including Internet access from the office, specifically:

  1. Use of non-organizational computing equipment (smartphones, tablets and laptops) on organization’s systems and networks.
  2. Use of organizational computer equipment for non-organizational purposes, during and after office hours.

You will choose a reasonable position as to the level of restriction you decided to place on employee use of these technologies. Make sure your approach is consistent across the policy. In other words, don’t be extremely permissive in one area of the policy, then extremely restrictive in another.

ISSP Policy:

ISSP Policy:

Do not quote or paraphrase from any outside reference (e.g. sample policy).  If you wish to review other policies, ensure your policy is unique and does not require quotation marks or in-text citations, but include any policies reviewed in the references section.

If you upload the policy in error – or decide to correct it after you’ve submitted it – you should be able to submit again without penalty. I will grade the last document uploaded.

D2L will automatically submit your assignment to for “similarity review”.  It is therefore required that you submit your COMPLETE DRAFT to the D2L dropbox at least 24 hours prior to the due date/time, as Turnitin can sometimes take up to an hour to provide a similarity index after submission.

After you get your report, you must revise and resubmit your FINAL assignment to the same D2L dropbox, regardless of whether or not you feel revisions are necessary. Work to remove ALL flagged content in the policy, not associated with the provided template (headers, etc.).

Failure to submit both a COMPLETE DRAFT and a FINAL version of your assignment will result in a minimum 10% penalty.

Attached also is a no-audio illustration of sample policy content. It is NOT complete, nor should students attempt to directly duplicate this content when creating their own policies.  It is provides as an example of what the content within each section could look like, or how it should start.  It’s provided as a video to prevent cut/paste issues.