Security policies are the foundation basics of a sound and effective security implementation. Organizations usually implements technical security solutions without first creating this foundation of policies, standards, guidelines, and procedures, thus unintentionally creating unfocused and ineffective security controls. To avoid these security policies are required. Now the question is what exactly security policies are. Let discuss the same in this post. Security policy is an overall general statement produced by senior management or a selected policy board or committee of an organization that dictates what role security plays within that organization. There are certain factors that security policies should follow and some of these are:
Security policy is a statement that dictates what role security plays within that organization. 3 types of security policies are regulatory, advisory & informative
Chandana is working as a Senior Content Writer in Simplilearn.com and handles variety of creative writing jobs. She has done M.A. in English Literature from Gauhati University. A PRINCE2 Foundation certified, she has a unique and refreshing style of writing which can engross the readers to devour each sentence of her write-ups.
Disclaimer: "PMI®", "PMBOK®", "PMP®", "PMI-RMP®", "CAPM®" and "PMI-ACP®" are registered marks of the Project Management Institute, Inc.
The Swirl logoTM is a trade mark of AXELOS Limited.
ITIL® is a registered trade mark of AXELOS Limited.
PRINCE2® is a Registered Trade Mark of AXELOS Limited.
MSP® is a Registered Trade Mark of AXELOS Limited
Certified ScrumMaster® (CSM) and Certified Scrum Trainer® (CST) are registered trade marks of SCRUM ALLIANCE®
Professional Scrum Master is a registered trademark of Scrum.org
The APMG-International Finance for Non-Financial Managers and Swirl Device logo is a trade mark of The APM Group Limited.
The Open Group®, TOGAF® are trademarks of The Open Group.
IIBA®, the IIBA® logo, BABOK® and Business Analysis Body of Knowledge® are registered trademarks owned by International Institute of Business Analysis.
CBAP® is a registered certification mark owned by International Institute of Business Analysis. Certified Business Analysis Professional, EEP and the EEP logo are trademarks owned by International Institute of Business Analysis.
COBIT® is a trademark of ISACA® registered in the United States and other countries.
CISA® is a Registered Trade Mark of the Information Systems Audit and Control Association (ISACA) and the IT Governance Institute.
CISSP® is a registered mark of The International Information Systems Security Certification Consortium ((ISC)2).
CISCO®, CCNA®, and CCNP® are trademarks of Cisco and registered trademarks in the United States and certain other countries.