Final Security Plan Project Check out SANS.ORG or other similar sites for a template you can work off of Below are sections I would expect to see, but there are certainly more that can be added Policies and Procedures Acceptableunacceptable use Email policies What can lead to termination (talking bad about employer on social media, sending private data outside the company, downloading from overseas sites known for viruses, really bad irresponsible things, etc) What can lead to like a warning (sending political emails from work email, not termination stuff but things that you should expect to be talked to for Password length, how often changed, etc. How things get dealt with if an employee quits, what if terminated? BCP (Business Continuity Plan), backup protocols, offsite? Cloud? Hot site? Warm site? Costs? Network diagram Costs of the Security Team and who will be part of it (CISO, desktop, helpdesk, architects, etc.) ReferencesSited sources Are there frameworks in NIST that could be adhered to and referenced? NIST.GOV International Organization of Standardization? ISO.ORG
