Category: Security Policy Implementation

15.3 – Review and Modify

Executive management and Directors have a fiduciary responsibility to manage the organization in a responsible way. It is essential that they are able to exactly measure adherence to policy instructions, the efficiency, and development of organization security policies. Standardized methodologies…
15.2 – Train and Enforce Policy

The basis for any organization’s information security is security policy. Many organizations have information security policy in place to assure that their information is always protected. Adopting security policy document in itself is not enough, it is essential to make…
15.1 – Review & Write Policy

There are usually many reasons to update policies over time. Such include new technology deployment, decommissioning of old software or hardware, updated regulatory systems or the introduction of new requirements. In an organization, any change to the construct upon which…
15.0 – Identify Needs, Issues and Threats

There are important components which are necessary to have an efficient security policy implementation.  There could be an investigation into an existing security policy implementation or lack thereof. The primary motivation is to identify nexus of threats and issues. Typically,…