CYB 410 Project Two Milestone Two Guidelines and RubricData Life Cycle Management PoliciesOverviewWhat is the importance of policies in data life cycle management? In previous modules, you have...

CYB 410 Project Two Milestone Two Guidelines and Rubric
Data Life Cycle Management Policies
Overview
What is the importance of policies in data life cycle management? In previous modules, you have completed a data inventory and
data classification for Green Thumb Nursery. Now you will address additional elements in the data life cycle for Green Thumb: data
storage, data security, and data destruction. Addressing these elements of the data life cycle is important for all organizations
regardless of size or complexity. Creating data storage, data security, and data destruction policies is a proactive step to limit
exposure to potential risks to an organization. When writing policies, you should have two goals. First, create the right policy for an
organization that is customized to its needs. Second, write a policy that is easy to understand and follow.
Scenario
You are part of a cybersecurity consulting firm that has been hired by Green Thumb Nursery to help develop its risk management
plan. The initial round of onsite, in-person interviews has already been conducted by your leadership team, and you are tasked with
helping them complete their data storage and security policies and their data destruction policies.
Prompt
To create new policies for Green Thumb Nursery, use the Project Two Milestone Two templates for the data storage and security
policy and for the data destruction policy. These two documents are linked in the milestone assignment in Module Five of your
course. Reference the Project Two Milestone One data inventory and data classification as needed.
You must address the critical elements listed below.
I. Data Storage and Security Policy
A. Describe the purpose of the policy using precise and succinct language.
B. Describe the people and the technology that are covered by the scope of this policy. Be specific.
C. Create an effective data storage policy that addresses all elements in the policy section of the template.
D. Create an effective data security policy that addresses all elements in the policy section of the template.
1






































































































II. Data Destruction Policy
A. Describe the purpose of the policy using precise and succinct language.
B. Describe the people and the technology that are covered by the scope of this policy. Be specific.
C. Create an effective data destruction policy that addresses all elements in the policy section of the template.
Project Two Milestone Two Rubric
Guidelines for Submission: Your submission should be two documents: the data storage and security policy; the data destruction
policy.