Write an organizational policy (or personal policy, if not in the job force) to correct the IT-related ethical issue that you described in Paper B1, where you mapped key organizational or personal issues and identified how these digital ethical issues were affected by relevant laws, regulations, and policies. Please incorporate the instructor’s feedback from the instructor’s evaluation of Paper B1, as appropriate and then use the Paper B1 matrix you produced as a supporting document, but there is no need to incorporate into Paper B2. Paper B1 will be reviewed and scored by the instructor, as soon as possible.
The following elements must be addressed:
Look at other policies to see how they are written. While the following site: http://www.sans.org/security-resources/policies/computer.php, provides credible examples of templates for policies, an Internet search may provide other templates, however there is no need to copy a template for this assignment, as the template should only be utilized to provide guidance regarding the following headings.
Remember that policies are simple, succinct, and clear statements of what your organisation or agency requires, in order to conduct its mission, or business. Policies consist of a number of policy points that help to guide decision making, that need not to be overly long or complex.
Your policy should include appropriate information in your own words for the following major headings:
Overview of the policy – this should serve as an Introduction!
Purpose of the policy – It should describe what the desired outcome of the policy should be.
Scope – states the “who” or “what” that the policy applies to. For the who – a brief description of roles and responsibilities should be included.
Policy Points to follow – (Note: a policy describes the “what,” and a procedure describes the “how,” therefore this section should discuss the specific measures, needs, or changes to behavior within the organization in terms of policy points, or the “what.”. Any procedures that are needed to fulfill the policy are usually included by reference later in the policy – procedures should not be included within the policy points).
Sanctions/enforcement of policy that deal solely with non-compliance. General compliance measurement is not required!