I don’t understand this Science question and need help to study.
A recent internal audit uncovered a lack of knowledge on the part of employees and included a finding that this lack of knowledge contributed to a compliance failure for IT security controls related to privacy and data security. The auditors recommended that the company needed to improve its communication of policy changes and revisions to both employees and managers. The auditors also noted that Red Clay Renovations has been experiencing a great deal of change especially with respect to how the company protects information from unauthorized disclosures, including theft of data by cyber criminals. The company agreed with the finding and in its response noted that it has developed a substantial number of new and revised policies, plans, and guidance procedures to help manage the associated risks but that it could improve internal communications about those changes. Now, the company needs to fix the “communications” problem. The CISO has asked you to help develop a communication strategy that can be used to explain the cybersecurity and privacy related policies to a non-technical workforce.
Your Task: Prepare a briefing that identifies your top 5 strategies and explains why you chose each one. Provide examples of the types of policies which need to be communicated to the workforce (use your work for Projects 1, 2, & 3 and your weekly discussion papers). To help you get started, the CISO has suggested that you consider the following methods when developing your communication strategy.
- distribution of printed copies of the policies,
- email distribution,
- web links to an internal Website,
- face-to-face briefing of field office staff and managers (with or without Question & Answer session),
- a company newsletter