O'Reilly logo

CISSP in 21 Days - Second Edition by M. L. Srinivasan

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Security policies, standards, procedures, and guidelines

Policies, standards, procedures, and guidelines form a quartet of organizational mechanisms in protecting information:

  • Security policies are high-level statements that provide management intent and direction for information security. They describe the what of the description.
  • Security standards provide prescriptive statements, control objectives, and controls for enforcing security policies. In a way, they provide the how of the description. They can be internally developed by the organization and/or published by standard bodies, such as National Institute of Standards and Technology (NIST), International Organization for Standardization (ISO), or country-specific standard bodies.
  • Security ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required