Each group member will choose an element of the policy to design, and the group will collaborate on what the overall design and outline should look like and include components from end-user behavior, a training plan, file and folder access, social engineering safeguards, bring-your-own-device policies, use of external drives on company assets, security hardware, penetration testing, and affiliation of the information security department with law enforcement agencies.

To keep the scope narrow, your group should first describe what should be included and what should not be included in the policy (remember that a policy should clearly set management’s expectations).
After the scope has been defined, research the various components, and create an appropriate policy.
Prepare a Word document of 2-3 pages (excluding title page, abstract, and references page) that includes the network security policy for an organization that addresses all of the stated design requirements. It should be in APA format, including an introduction and conclusion.