Assume that you have been hired as a consultant by a medium-sized insurance organization and have been asked to draft an it security policy framework. You may create and / or assume all necessary assumptions needed for the completion of this task. Write a paper in which you:

1. Select a security framework, describe the framework selected, and design an it security policy framework for the organization.

2. Describe the importance of and method of establishing compliance of it security controls with U.S. laws and regulations, and how organizations can align their policies and controls with the applicable regulations.

3. Analyze the business challenges within each of the seven (7) domains in developing an effective it security policy framework.

4. Describe your security policy framework implementation issues and challenges and provide recommendations for overcoming these implementation issues and challenges.

• Identify the role of an information systems security (ISS) policy framework in overcoming business challenges.

• Design a security policy framework.

• Use technology and information resources to research issues in security strategy and policy formation.

• Write clearly and concisely about information systems security policy topics using proper writing mechanics and technical style conventions.

Answer rating: 100% (QA)

Hired by as a consultant at an insurance organization I chose on the NIST SP 800 series as the companys security framework Its first publication was done in 1990 and since then it has been growing in ... View the full answer