This assignment requires the creation of a security policy for a financial institution, a Canadian Bank. You need to refer to a fictitious organization for which
you will be creating a high-level information security policy, on the model seen in class. You can refer to the Moodle presentation on security policies.
The requirement is for a high-level policy of an organization that is created to support and enforce portions of the organization’s Information Management
Policy by specifying in more detail what information is to be protected from anticipated threats and how that protection is to be attained., refer to NIST
SP800-152 for more information on what this is.
Should be 5 to 10 pages, 1.5 spacing, 12 point font, Arial or similar font, margins 2.5cm all around.
There are models shown in class and available on Moodle to help you.
NIST SP800-152
https://www.nist.gov/publications/security-and-privacy-controls-information-systems-and-organizations
