October 2022
Intermediate to advanced
398 pages
14h 14m
English
The organizational security policy framework is the foundation for the management of information security. This foundation provides internal direction and support as well as providing direction for assessments and audits. The quality of the entire information security program depends on the policies in place. Fortunately, policies can be one of the least expensive controls. Unfortunately, they are often the most difficult to implement effectively. In fact, the first control objective within the International Organization for Standardization/International Electrotechnical Commission (ISO/IEC) 27002 standard states that management should set a clear policy direction ...
Read now
Unlock full access