Company A acquires Company B. Neither company has an organization-wide Human Resources Risk Mitigation policy or process. Both companies know that, if they continue to grow, an organization-wide Human Resources Risk Mitigation policy or process will be valuable information for management control. You play the role of a system administrator in this assignment. The newly appointed chief information officer (CIO) and human resources (HR) manager have appointed you to develop a plan to reduce the human risk factors in information technology (IT) security and information access controls.
Consider Acceptable Use Policy and Security Awareness concepts and write a brief policy for each. Consider things that need to be in each policy and also include how you would communicate these to your employees.