Define the information security policy

The organisational Information Security Policy must be developed and set out, at a high level, the organisation's statement of intent in the area of information security. This policy may be supported by subordinate policies, but the top level policy should be short, simple and to the point.

This policy must be endorsed by the senior person in the organisation's management structure and be available to all staff and third parties using the organisation information processing systems in an appropriate form.

This process will produce and distribute the Information Security Policy.

An Introduction To Information, Network and Internet Security
Define the information security policy The organisational Information Security Policy must be developed and set out, at a high level, the organisation's statement of intent in the area of information security. This policy may be supported by subordinate policies, but the top level policy should be short, simple and to the point. This policy must be endorsed by the senior person in the organisation's management structure and be available to all staff and third parties using the organisation information processing systems in an appropriate form. This process will produce and distribute the Information Security Policy.	The Security Practitioner An Introduction to Information Security
Return To An Introduction to Information Security