CISSP For Dummies, 4th Edition by Peter Gregory, Lawrence Miller

Policies, Standards, Guidelines, and Procedures

Policies, standards, guidelines, and procedures are all subtly different from each other, but they also interact with each other in a variety of ways. It’s your job as a CISSP candidate to study these differences and relationships, and also to recognize the different types of policies and their applications. To successfully develop and implement information security policies, standards, guidelines, and procedures, you must ensure that your efforts are consistent with the organization’s mission, goals, and objectives (see the preceding sections).

Policies, standards, guidelines, and procedures all work together as the blueprints for a successful information security program. They

- Establish governance.
- Provide valuable guidance and decision support.
- Help establish legal authority.

Too often, technical security solutions are implemented without these important blueprints. The results are often expensive and ineffective controls that aren’t uniformly applied and don’t support an overall security strategy.

Governance is a term that collectively ...
