Term Paper: Security Regulation ComplianceThis assignment consists of two (2) sections: a written paper and a
PowerPoint presentation. You must submit both sections as separate files for the
completion of this assignment. Label each file name according to the section of
the assignment it is written for.
In the day-to-day operations of information security, security
professionals often focus the majority of their time dealing with employee
access issues, implementing security methods and measures, and other day-to-day
tasks. They often neglect legal issues that affect information security. As a
result, organizations often violate security-related regulations and often have
to pay heavy fines for their non-compliance. Thus, as a Chief Information
Officer in a government agency, you realize the need to educate for senior
leadership on some of the primary regulatory requirements, and you realize the
need to ensure that the employees in the agency are aware of these regulatory
requirements as well.
Section 1: Written Paper
1.Write a six
to eight (6-8) page paper in which you:
a.Provide an
overview that will be delivered to senior management of regulatory requirements
the agency needs to be aware of, including:
i.FISMAii.Sarbanes-Oxley
Actiii.Gramm-Leach-Bliley
Activ.PCI
DSSv.HIPAAvi.Intellectual
Property Law
b.Describe the
security methods and controls that need to be implemented in order to ensure
compliance with these standards and regulatory requirements.c.Describe the
guidance provided by the Department of Health and Human Services, the National
Institute of Standards and Technology (NIST), and other agencies for ensuring
compliance with these standards and regulatory requirements.d.Use at least
five (5) quality resources in this assignment. Note: Wikipedia and similar
Websites do not qualify as quality resources.
- Be typed, double spaced, using Times New Roman font (size 12), with one-inch
margins on all sides; references must follow APA or school-specific format.
Check with your professor for any additional instructions. - Include a cover page containing the title of the assignment, the student’s
name, the professor’s name, the course title, and the date. The cover page and
the reference page are not included in the required page length.
Section 2: PowerPoint Presentation
2.Create an
eight to ten (8-10) slide security awareness PowerPoint presentation that will
be presented to the agency’s employees, in which you:
a.Include an
overview of regulatory requirements and employee responsibilities,
covering:
i.FISMAii.Sarbanes-Oxley
Actiii.Gramm-Leach-Bliley
Activ.PCI
DSSv.HIPAAvi.Intellectual
Property Law
requirements:
- Include a title slide, six to eight (6-8) main body slides, and a conclusion
slide.
The specific course learning outcomes associated with this assignment
are:
- Explain the concept of privacy and its legal protections.
- Describe legal compliance laws addressing public and private
institutions. - Analyze intellectual property laws.
- Examine the principles requiring governance of information within
organizations. - Use technology and information resources to research legal issues in
information security. - Write clearly and concisely about information security legal issues and
topics using proper writing mechanics and technical style conventions.
0 comments