Chapter 2

Cybersecurity Policy Organization, Format, and Styles

Chapter Objectives

After reading this chapter and completing the exercises, you will be able to do the following:

  • Explain the differences between a policy, a standard, a procedure, a guideline, and a plan.

  • Know how to use “plain language when creating and updating your cybersecurity policy.”

  • Identify the different policy elements.

  • Include the proper information in each element of a policy.

In Chapter 1, “Understanding Cybersecurity Policy and Governance,” you learned that policies have played a significant role in helping us form and sustain our social, governmental, and corporate organizations. In this chapter, we begin by examining the hierarchy and purpose of guiding principles, ...

Get Developing Cybersecurity Programs and Policies, 3rd Edition now with the O’Reilly learning platform.

O’Reilly members experience live online training, plus books, videos, and digital content from nearly 200 publishers.