6

INFORMATION SECURITY POLICY PROJECTS

Embarking on a project to revise or rearchitect an information security policy set for an organization is a large and complex enough project to warrant project planning. Determining the steps required to complete the project, setting a budget, and obtaining expertise and oversight are all important steps toward ensuring a successful completion of an information security policy project. This chapter outlines the basic elements of an information security policy project.

6.1  Scoping the Project

As with any project, an important early element of the project plan is to scope the project effort and extent. An information security policy project has the scoping aspects as listed in Table 6.1.

Of course, information ...

Get Information Security Policies, Procedures, and Standards now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.