3-1 Discussion: Security Policy Discussion Topic


A security policy is developed by senior management to assign certain responsibilities and mandate certain requirements, which are usually aligned with the agency’s mission.

A new policy was just created to prohibit peer-to-peer software downloads, as most are illegal and may bring malicious content to the workplace. You, the security officer, noticed that employees resisted the policy and chose to continue downloading peer-to-peer software. In an initial post, explain how you would handle this situation. What would you do to enforce the policy?