Monday, August 7, 2017

Information Security Policies

Policies can be used as a primary and cost effective way of assuring security in terms of information security. Hear the degree of the protection provided will depend on the policy that is being generated and on the attitude of the management on the matter.

As a policy maker ,the prime responsibility would be to set the information resource security policy for the organizations objective. It should be aligned to reducing risks, compliance with the law and regulations and assurance of operations. It should also maintain information integrity and confidentiality.

The basic rules to follow when shaping a policy

  1. Never conflict with law
  2. Stand up in court
  3. Properly sported and administered
  4. Contribute to the success if the organization
  5. Involve end user of information systems

Characteristics of an effective policy 

For a policy to be effective as expected, they must achieve the below.

  1. Properly disseminated.
  2. Well read.
  3. Understood.
  4. Agreed to it.
Now lets get to know about a brief understanding about the types of effective policies.
These are the 3 types if information security policies that have been defined.


  1. Enterprise inforsec program policy
  2. Issue specific inforsec policies
  3. System-epsecific inforsec policies.


at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Test Images

Below images  are being used for the   Hashtag Generator and Content Authenticator research .

  • How to do phishing
    Have you ever received emails saying that you have won a grand prize or an email claiming it’s something useful, such as a coupon to ...
  • Firewall made simple
    The term firewall was initially taken from the concept of constructing walls to stop spreading of fire. This concept is used in network...