Information security policy

Information security policy document

A written policy document should be approved by management, be published and communicated to all employees responsible for information security in a manner that is understandable to the intended reader.

Review of the information security policy

The owner of the policy must ensure that the policy is reviewed according to a determined schedule, both time and event based.

An Introduction To Information, Network and Internet Security
Information security policy Information security policy document A written policy document should be approved by management, be published and communicated to all employees responsible for information security in a manner that is understandable to the intended reader. Review of the information security policy The owner of the policy must ensure that the policy is reviewed according to a determined schedule, both time and event based.	The Security Practitioner An Introduction to Information Security
Return To An Introduction to Information Security