4045.1.1: Compliance Legal Requirements

The graduate describes the legal requirements to address compliance with cybersecurity policies and procedures within an organization.

4045.1.2: Protection Against Security Incidents

The graduate analyzes applicable laws and policies to legally protect the organization against security incidents.

Introduction

This course addresses the laws, regulations, authorities, and directives that inform the development of operational policies, best practices, and training. These standards assure legal compliance and minimize internal and external threats.

In this task, you will analyze legal constraints and liability concerns that threaten information security within the given organization and develop disaster recovery plans to ensure business continuity.

Scenario

See the attached “TechFite Case Study” for information on the company being investigated. You should base your responses on this scenario.

Requirements

Your submission must be your original work. No more than a combined total of 30% of the submission and no more than a 10% match to any one individual source can be directly quoted or closely paraphrased from sources, even if cited correctly. An originality report is provided when you submit your task that can be used as a guide.

You must use the rubric to direct the creation of your submission because it provides detailed criteria that will be used to evaluate your work. Each requirement below may be evaluated by more than one rubric aspect. The rubric aspect titles may contain hyperlinks to relevant portions of the course.

A. Demonstrate your knowledge of application of the law by doing the following:

  1. Explain how the Computer Fraud and Abuse Act and the Electronic Communications Privacy Act each specifically relate to the criminal activity described in the case study.
  2. Explain how three laws, regulations, or legal cases apply in the justification of legal action based upon negligence described in the case study.
  3. Discuss two instances in which duty of due care was lacking.
  4. Describe how the Sarbanes-Oxley Act (SOX) applies to the case study.

B. Discuss legal theories by doing the following:

  1. Explain how evidence in the case study supports claims of alleged criminal activity in TechFite.
     a. Identify who committed the alleged criminal acts and who were the victims.
     b. Explain how existing cybersecurity policies and procedures failed to prevent the alleged criminal activity.
  2. Explain how evidence in the case study supports claims of alleged acts of negligence in TechFite.
     a. Identify who was negligent and who were the victims.
     b. Explain how existing cybersecurity policies and procedures failed to prevent the negligent practices.

C. Prepare a multimedia presentation with notes (e.g., Microsoft PowerPoint, Apple Keynote) (suggested length of 3–5 slides) to s
