PacketSource — Security White Papers
 
A A A
 

Building and Implementing an Information Security Policy

Author: Martyn Elmy-Liddiard Published April 26, 2011 from SANS

The purpose of this paper is to describe a process of building and, more importantly, implementing an Information Security Policy. The paper attempts to identify the important decisions regarding content, compliance, implementation, monitoring and active support, that have to be made in order to achieve an information security policy that is usable; a policy that lives and evolves as your organization infrastructure and operational requirements change and a policy that is understood and supported by management and colleagues.

Tags:

PDFRead the complete paper at SANS