Need help? We are here

Actual work where 2 students given their post on this:
If you were asked by your employer to develop a new Information Security Policy, where would you turn to find resources to build this policy? List the two most important items you would include in this new policy and explain why you felt these were most important.
We need to give 2 responses all should have proper apa, citations and minimum one reference each for both.
Please find the two attachments of two students posts.