Write a five to eight (5-8) page research-based report in which you summarize your research and discuss the similarities and differences between the two IT
security policy documents. You should focus upon clarity and conciseness more than length when determining what content to include in your paper. At a
minimum, your report must include the following:
1. An introduction or overview of IT Security Policies for the executive branch of state governments (covering state agencies and offices in the executive
branch including the governor’s office). Explain the purpose of an IT security policy and how states use security policies. Answer the question: why should
every state in the nation have a comprehensive IT security policy for state agencies and offices? (Make sure that you address the importance of such
strategies to small, resource-poor states as well as to large or wealthy states.)
2. A separate section in which you provide and discuss five or more specific examples of the common principles and policy sections/statements
(similarities) found in both IT security policy documents.
3. A separate section in which you discuss the unique aspects of the first state’s IT security policy document. Provide five or more specific principles or
guidelines or other content that is unique to the policy document.
4. A separate section in which you discuss the unique aspects of the second state’s IT security policy document. Provide five or more specific principles or
guidelines or other content that is unique to the policy document.
5. A section in which you discuss your evaluation of which state government has the better of the two IT security policy documents. You should also present
five or more best practice recommendations for improvements for both IT security policy documents. (Note: you may have different recommendations for
the individual policies depending upon the characteristics of each document.)
7. A summary section in which you address the need for IT Security Policies at the state government level. Provide a convincing answer to the question: why
should every state in the nation have a comprehensive IT security policy for state agencies and offices? Make sure that you address: (a) leadership, (b)
compliance with laws and regulations, and (c) best practices for good government.