Assignment: Create Information Security Model

In this assignment you will create an Information Security Model based on the template given below.

You will have to create a model depending on the system you have selected (refer to the chart below). Therefore, your model is custom-made. Highlight security issues in your model based on the scope of the system. You can use Internet to find information about your industry/company/organization but do not copy any companys security policy if you come across one during your research. Be precise and brief in each section of the template. The content must reflect your industry-type.

	Create template for
1	Hospital

[Replace dots with your policy statements; number of dots are irrelevant.]

Information Security Model

Introduction

The enclosed policies and directives have been established in order to:

Protect this investment.

Safeguard the information contained within these systems.

Reduce business and legal risk.

Protect the good name of the company.

Violations

.

.

Administration

The information services manager (IS manager) is responsible for the administration of this policy.

Contents

The topics covered in this document include:

1. Statement of responsibility

2. The Internet and e-mail

3. Computer viruses

4. Access codes and passwords

5. Physical security

6. Copyrights and license agreements

1. Statement of responsibility

.

.

Manager responsibilities

.

.

IS manager responsibilities

.

.

2. The Internet and e-mail

.

.

Policy

.

.

Acceptable use

.

.

Unacceptable use

.

.

Downloads

.

.

Employee responsibilities

.

.

Copyright

.

.

Monitoring

.

.

3. Computer viruses

.

.

Background

.

.

IS responsibilities

.

.

Employee responsibilities

.

.

4. Access codes and passwords

.

.

IS responsibilities

.

.

Employee responsibilities

.

.

Supervisors responsibility

.

.

Human resources responsibility

.

.

5. Physical security

.

.

Employee responsibilities

.

.

6. Copyrights and license agreements

.

.

Legal reference

.

.

Scope

.

IS responsibilities

.

.

Employee responsibilities

.

.

Civil penalties

.

.

Criminal penalties

.

.

Acknowledgment of Information Security Policy

This form is used to acknowledge receipt of, and compliance with Information Security Policy.

Procedure

Complete the following steps:

1. Read the Information Security Policy.

2. Sign and date in the spaces provided below.

3. Return this page only to the information services manager.

Signature

By signing below, I agree to the following terms:

i. I have received and read a copy of the Information Security Policy

ii. I understand and agree that any computers, software, and storage media provided to me

iii I agree that I shall not copy, duplicate

iv I agree that, if I leave

Employee signature:____________________________________

Employee name:_______________________________________

Date: _________________________________________________

Department: