3. 3.2Antivirus5
3.3Acceptable Use5
4Recommendations5
5SuggEstED aCTIONS5
Appendix A: Approval6
APPENDIX B: REFERENCES7
APPENDIX C: KEY TERMS8
Introduction
Purpose
This
Summary Report provides a summary of end users
security policies and recommendations for amelioration
Executive Summary
In this report, the end user security policy is examined, and
areas where new policies or modifications would be beneficial
are noted.Detailed Summary
LAN Security/Password Policy
While the LAN Security policy section does mention some
policy parameters regarding password security, certain aspects
are left entirely up to the IT Officers discretion. Password
policy guidelines such as the complexity, length, and frequency
of use should be detailed for increased security. Many
organizations follow a password standard such as NIST
Antivirus
According to the 10.1 Detailed Policy Requirements section,
BYOD devices must have antivirus software, however company-
owned laptops and other devices are not obliged to have
antivirus software. All company-owned devices should come
4. with antivirus software installed, and only IT administrators
should be allowed to turn it off. Any software installation
should be subject to prior authorization and IT administrative
rights. By enabling antivirus and carefully examining software
before it is loaded, end device security will be much improved.
Acceptable Use
There is no definition of acceptable use of an organization
resource. Implementing firewall rules to ban specific websites
and website categories that are regarded inappropriate for the
workplace is a good idea. Policies that outline acceptable and
undesirable workplace browsing activity should be made
available to employees.
Recommendations
This report finds there are several critical issues with the
current security policyand recommends the above actions be
implemented to increase the overallsecurity of the
organization.SuggEstED aCTIONS
Following these recommendations, new policies ought to be
developed and included in the upcoming version of the end user
information security policy.
Appendix A: Approval
The undersigned acknowledge they have reviewed the
and agree with the approach it presents. Changes to this
will be coordinated with and approved by the
undersigned or their designated representatives.
Signature:
Date:
6. Title:
Role:
APPENDIX B: REFERENCES
[Insert the name, version number, description, and physical
location of any documents referenced in this document. Add
rows to the table as necessary. This is where you would want to
reference your Risk Register and any other documents that you
need to. For the purposes of this class, please include
references to course material or outside sources that you are
using in your work.]
The following table summarizes the documents referenced in
this document.
Document Name and Version
Description
Location
<Document Name and Version Number>
[Provide description of the document]
<URL or Network path where document is located>
APPENDIX C: KEY TERMS
[Insert terms and definitions used in this document. Add rows
to the table as necessary. Keep in mind that you are typically
7. writing a summary report for someone who is not familiar with
information technology. Be sure to define any terms here that
might need to be explained.]
The following table provides definitions for terms relevant to
this document.
Term
Definition
[Insert Term]
[Provide definition of the term used in this document.]
[Insert Term]
[Provide definition of the term used in this document.]
[Insert Term]
[Provide definition of the term used in this document.]
1
Revision Date: Error! Unknown document property name.
Page
7 of 8
image1.png