Information security policy

The policy must meet the requirements of the ISO 27001 standard and be available to all staff including third parties accessing organisational information processing systems.

This is a common failing as contractors and third parties are often overlooked.

Failure to implement this mandatory control is an automatic major non-conformity.

An Introduction To Information, Network and Internet Security
Information security policy The policy must meet the requirements of the ISO 27001 standard and be available to all staff including third parties accessing organisational information processing systems. This is a common failing as contractors and third parties are often overlooked. Failure to implement this mandatory control is an automatic major non-conformity.	The Security Practitioner An Introduction to Information Security
Return To An Introduction to Information Security