Chapter 14

Security Policy Management

Security policy is the logical embodiment of the enterprise business requirements for security and control. It can therefore be seen as something that, once determined, is a key driver of the operational security management programme as a whole. This chapter looks at various aspects of security policy and how it is managed.

In this chapter you will learn about:

  • Security policy as the logical model of your business requirements for security and risk mitigation;
  • How to use security policy as a means to develop a strong security culture by affecting human attitudes and behaviour;
  • How to use risk assessment as the means to select the appropriate level of security policy;
  • The trade-off between complexity and ...
