” Assignment 1: Creating and Communicating a Security StrategyFirst Draft Due Week 4Final Due Week 6, worth 80 pointsAs an IT professional, you’ll often be required to communicate policies, standards, and practices in theworkplace. For this assignment, you’ll practice this important task by taking on the role of an ITprofessional charged with creating a memo to communicate your company’s new security strategy.The specific course learning outcomes associated with this assignment are:• Analyze the importance of network architecture to security operations.• Apply information security standards to real-world implementation.• Communicate how problem-solving concepts are applied in a business environment.• Use information resources to research issues in information systems security.• Write clearly about network security topics using proper writing mechanics and business formats.Preparation1. Review the essential elements of a security strategyA successful IT administration strategy requires the continuous enforcement of policies, standards, andpractices (procedures) within the organization. Review these elements to see how they compare:Policy The general statements that direct the organization’s internal and externalcommunication and goals.Standards Describe the requirements of a given activity related to the policy. They are moredetailed and specific than policies. In effect, standards are rules that evaluate thequality of the activity. For example, standards define the structure of the passwordand the numbers, letters, and special characters that must be used in order tocreate a password.Practices The written instructions that describe a series of steps to be followed during theperformance of a given activity. Practices must support and enhance the workenvironment. Also referred to as procedures.2. Describe the business environmentYou are the IT professional in charge of security for a company that has recently opened within ashopping mall. Describe the current IT environment at this business. You can draw details from acompany you work for now or for which you have worked in the past. You’ll need to get creative andidentify the details about this business that will influence the policies you’ll create. For example, does thecompany allow cell phone email apps? Does the company allow web mail? If so, how will this affect themobile computing policy? Describe all the details about this business environment that will be necessaryto support your strategy.CIS333 – Assignments and Rubrics3. Research sample policiesFamiliarize yourself with various templates and sample policies used in the IT field. Do not just copyanother company’s security policy, but rather learn from the best practices of other companies and applythem to yours. Use these resources to help structure your policies:● Information Security Policy Templates● Sample Data Security Policies● Additional Examples and TipsInstructionsWith the description of the business environment (the fictional company that has opened in a shoppingmall) in mind and your policy review and research complete, create a new security strategy in the formatof a company memo (no less than three to five pages) in which you do the following:1. Describe the business environment and identify the risk and reasoningProvide a brief description of all the important areas of the business environment that you’vediscovered in your research. Be sure to identify the reasons that prompted the need to create asecurity policy.2. Assemble a security policyAssemble a security policy or policies for this business. Using the memo outline as a guide,collect industry-specific and quality best practices. In your own words, formulate your fictionalcompany’s security policy or policies. You may use online resources, the Strayer Library, or otherindustry-related resources such as the National Security Agency (NSA) and Network World. In afew brief sentences, provide specific information on how your policy will support the business’goal.3. Develop standardsDevelop the standards that will describe the requirements of a given activity related to the policy.Standards are the in-depth details of the security policy or policies for a business.4. Develop practicesDevelop the practices that will be used to ensure the business enforces what is stated in thesecurity policy or policies and standards.Format your assignment according to the following formatting requirements:• This course requires use of Strayer Writing Standards (SWS). The format is different than otherStrayer University courses. Please take a moment to review the SWS documentation for details.Review this resource to learn more about the important features of business writing: The OneUnbreakable Rule in Business Writing.● You may use the provided memo outline as a guide for this assignment, or you may use yourown. Get creative and be original! (You should not just copy a memo from another source.) Adaptthe strategy you create to your “company” specifically. In the workplace, it will be important to usecompany standard documents for this type of communication.● Do not cut and paste someone else’s strategy. Plagiarism detection software will be used toevaluate your submissions.