Develop a Security Policy and Testing Plan
Your organization was recently attacked with a malicious virus that originated from a file downloaded by an employee from
an email that appeared to come from a coworker. The employee immediately contacted information technology (IT) once he
noticed that the download was malicious.
The chief executive officer (CEO) now wants to implement a procedure so that everyone is aware of the potential harm that
can be delivered in emails and how they can be proactive. The CEO has tasked you with developing a policy that will be
sent to all employees and also drafting a plan to start testing employees by sending fake emails and tracking employee
actions.
include the elements listed below in your policy and plan.
Provide an introduction that gives an overview of the purpose for this document.
Discuss the planning needed for this activity.
Identify departments that need to be involved.
Develop a procedure for employees to report any suspicious activity. What steps should they take, and who should they contact?
Research and develop a plan to start a security testing campaign to see how employees react to security messages that
are sent to their emails. You can investigate organizations that provide these types of campaigns to explore ideas for
how to train your employees.
Your response to this assignment should consist of at least two pages. Adhere to APA Style when creating citations and
references for this assignment.
