Transcription of The IT Security Policy Guide
{{id}} {{{paragraph}}}
Page 1 The IT Security Policy Guide Why you need one, what it should cover, and how to implement it By: Page 2 Table of Contents 1. Introduction 3 2. What is a Security Policy ? 3 3. Why is a Security Policy Necessary? 4 4. The Security Policy Problem 5 5. What a Policy Should Cover 5 6. Types of Policies 6 7. Policy Content 7 8. Policy Implementation 8 9. Policy Review 9 10. Summary 10 Page 3 1. Introduction Note: This document is organized into sections, which may or may not be applicable depending on where you are in your Security Policy development process. Feel free to skip ahead to the section that applies best to you. There is no right or wrong way to begin the process of developing a Security Policy . No single Policy or Security strategy will work for every organization.
• The Sarbanes-Oxley Act (SOX) • Massachusetts 201 CMR 17.00 • The ISO family of security standards • The Graham-Leach-Bliley Act (GLBA) All these require, in some form, a written IT security policy. 4. The Security Policy Problem Simply put, security policies are not easy to create. The process of getting a security
Domain:
Source:
Link to this page:
Please notify us if you found a problem with this document:
{{id}} {{{paragraph}}}