the most trusted source for computer security training, certification and research


Information Security Policy - A Development Guide for Large and Small Companies

Click Here
Abstract
A security policy should fulfil many purposes. It should: protect people and information; set the rules for expected behaviour by users, system administrators, management, and security personnel; authorize security personnel to monitor, probe, and investigate; define and authorize the consequences of violation; define the company consensus baseline stance on security; help minimize risk; and help track compliance with regulations and legislation.
<<Reading Room Home     <<Back to Category

Contact us: (301) 654-SANS(7267)
Monday - Friday 9am-8pm EST/EDT