O'Reilly logo

Information Security A Practical Guide: Bridging the Gap between IT and Management by Tom Mooney

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

CHAPTER 10: INFORMATION SECURITY POLICY

Chapter Overview

This chapter introduces the topic of security policies, explaining their importance giving you a baseline from which to build a strong foundation. If you are looking to attain ISO27001 certification then you will need to produce security policies to form your information security management system (ISMS). This chapter is not intended to advise you on how to achieve this level of maturity, but give you an appreciation for why these policies exist and how they can be used to achieve your organisation’s goals and objectives.

It is important that security policies are created in line with the organisation’s culture; they should be an enabler, not a hindrance to staff. For example, if staff ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required