Establishing an effective IT Security Policy Framework

As a consultant, draft an IT Security Policy Framework(NIST (SP 800-53), ISO / IEC 27000 series, and COBIT) for a medium-size organization.
-Describe the framework selected
-Design an IT Security Policy Framework for the organization.
-Describe the importance of and method of establishing compliance of IT security controls with U.S. laws and regulations and how organizations can align their policies and controls with the applicable regulations.
– Analyze the business challenges in developing an effective IT Security Policy Framework.
-Describe your IT Security Policy Framework implementation issues and challenges and provide recommendations for overcoming these implementation issues and challenges

-This paper should be 3-5 pages, APA format.
-Use at least three (3) quality references in this assignment and cite your work.