Case Study 1: Acceptable Use Policy

An Acceptable Use Policy (AUP) is a very important policy within  organizations to define acceptable employee behavior when accessing  company resources. Additionally, there are also legal implications  within AUPs. Use an existing AUP that you are familiar with, such as  from a current or previous workplace, or search on the Internet for an  example AUP to complete this case study.
 

 Write a three to five (3-5) page paper in which you:  

  1. Describe  the purpose of an Acceptable Use Policy you have selected and explain  how the AUP helps provide confidentiality, integrity, and availability  within the organization.
  2. Critique the AUP you selected and provide recommendations for improving the AUP.
  3. Explain  methods that organizations can implement to help ensure compliance with  the AUP, mitigate their risk exposure, and minimize liability. Describe  how your selected AUP accomplishes these goals.
  4. Describe methods for increasing the awareness of the AUP, and other policies, within the organization.
  5. Use  at least three (3) quality resources in this assignment. Note:  Wikipedia and similar Websites do not qualify as quality resources. 

Your assignment must follow these formatting requirements:  

  • Be  typed, double spaced, using Times New Roman font (size 12), with  one-inch margins on all sides; citations and references must follow APA  or school-specific format. Check with your professor for any additional  instructions.
  • Include a cover page containing the title of the  assignment, the student’s name, the professor’s name, the course title,  and the date. The cover page and the reference page are not included in  the required assignment page length.

The specific course learning outcomes associated with this assignment are:  

  • Analyze  how security policies help mitigate risks and support business  processes in various domains in the information technology (IT)  infrastructure.
  • Describe the different ISS policies associated with the user domain.
  • Describe different issues related to implementing and enforcing ISS policies.
  • Use technology and information resources to research issues in security strategy and policy formation.
  • Write  clearly and concisely about Information Systems Security Policy topics  using proper writing mechanics and technical style conventions.