Universities and other educational institutions are subject

Universities and other educational institutions are subject to avariety of legal requirements including FERPA and HIPAA, among others.Read the article linked below, the SANS Institute security policies,and other Internet sources on university data breaches and on policies,including the samples available through the link provided above underReadings and Research of the ISO/IEC 27001 support site. Ramakrishna Ayyagari and Jonathan Tyks (2012), ‘Disaster at a University: A Case Study in Information Security,’ Journal of Information Technology Education: Innovations in Practice (Volume 11). Retrieved from http://www.jite.org/documents/Vol11/JITEv11IIPp085-096Ayyagari1035.pdf SANS Institute, Information Security Policy Templates. Retrieved from http://www.sans.org/security-resources/policiesTask DescriptionChoose one of the policy and procedure areas identified as deficient inthe case study and draft a security policy to mitigate thevulnerability. Also include provisions for user training, enforcement,and disciplinary activities. DeliverableYour Security Policy should be written following APA guidelines,***4-5*** pages using 12-point font, and including title, executive summary, andreference pages. Please include 4 references. Include an update table and a sign-off area. Submityour Security Policy to the Dropbox titled for this activity by the datespecified by your instructor.