You have been hired as the CSO (Chief Security Officer) for an organization. Your job is to develop a very brief computer and internet security policy for the organization that covers the following areas: Computer and email acceptable use policy Internet acceptable use policy Make sure you are sufficiently specific in addressing each area. There are plenty of security policy and guideline templates available online for you to use as a reference or for guidance. Your plan should reflect the business model and corporate culture of a specific organization that you select. Include at least 3 scholarly references in addition to the course textbook.  The UC Library is a good place to find these references. At least two of the references cited need to be peer-reviewed scholarly journal articles from the library. Your paper should meet the following requirements: • Be approximately 4 pages in length, not including the required cover page and reference page. • Follow APA6 guidelines. Your paper should include an ABSTRACT, a body with fully developed content, and a conclusion. • Support your answers with the readings from the course and at least three scholarly journal articles to support your positions, claims, and observations, in addition to your textbook.

Title: Computer and Internet Security Policy for XYZ Organization


As the CSO (Chief Security Officer) for XYZ organization, the development of a concise and comprehensive computer and internet security policy is crucial to safeguarding the organization’s assets and data. This policy aims to provide clear guidelines for the acceptable use of computers, emails, and the internet within the organization, ensuring the protection of sensitive information and promoting a secure work environment. This paper outlines the specific areas that will be addressed in the policy, taking into account the organization’s business model and corporate culture. The policy is based on scholarly research and industry best practices.


Computer and internet security policies serve as essential tools for organizations in today’s technologically dependent world. These policies outline the rules and guidelines for the safe and responsible use of information systems, protecting against potential risks and threats. This paper presents a computer and internet security policy designed for XYZ organization, which ensures the organization’s adherence to best practices and compliance with legal and regulatory requirements.

Computer and Email Acceptable Use Policy

The computer and email acceptable use policy outlines the guidelines for the appropriate and authorized use of computers and email systems within the organization. It establishes rules regarding password protection, software installation, data classification, and email usage.

1. Password Protection: Users are required to create strong, unique passwords and keep them confidential. Passwords must be changed regularly, and individuals are prohibited from sharing their passwords or using default or easily guessable passwords.

2. Software Installation: Employees are only allowed to install authorized software from approved sources. Unauthorized installation of software, including freeware or shareware, is strictly prohibited.

3. Data Classification: All data and information must be classified based on its confidentiality level (e.g., confidential, internal use, public) and handled accordingly. Employees must adhere to the organization’s data classification policy and protect sensitive information at all times.

4. Email Usage: Employees must use the organization’s email system for business purposes only. Sending or accessing inappropriate or offensive content, spam, or phishing emails is strictly prohibited. Confidential information should be encrypted when transmitted via email.

Internet Acceptable Use Policy

The internet acceptable use policy establishes guidelines for the appropriate use of the internet within the organization, ensuring employees’ responsible behavior and safeguarding against security risks.

1. Web Browsing: Employees are encouraged to use the internet for work-related research and information gathering. Personal use of the internet should be limited to breaks and after working hours. Employees must avoid visiting malicious or unauthorized websites and refrain from downloading files or accessing content that may pose security risks.

2. Social Media: Use of social media platforms during working hours should be limited to authorized individuals for business purposes. Personal use of social media sites should be avoided during work hours. Employees are expected to adhere to the organization’s social media policy, promoting professionalism and protecting the organization’s reputation.

3. Data Transfer: Employees must exercise caution when transferring data to and from external sources, ensuring that it complies with copyright laws and intellectual property rights. File sharing should only be done through authorized platforms with appropriate security measures in place.


In conclusion, implementing a well-defined computer and internet security policy is essential for XYZ organization to protect its sensitive information, ensure compliance with legal requirements, and maintain a secure work environment. By providing clear guidelines for computer and email usage and establishing responsible internet practices, the policy will significantly reduce the organization’s exposure to security risks and malicious activities. Regular employee training and awareness programs should accompany the policy to enforce adherence and promote a culture of security within the organization.

Need your ASSIGNMENT done? Use our paper writing service to score better and meet your deadline.

Click Here to Make an Order Click Here to Hire a Writer