Raymond Pompon, IT Security Risk Control Management, 10.1007/978-1-4842-2140-2_11

11. Policy

Raymond Pompon¹

(1)Seattle, Washington, USA

A common disease that afflicts management and government administration the world over is the impression that “Our problems are different.” They are different, to be sure, but the principles that will help to improve quality of product and of service are universal in nature.
—W. Edwards Deming, Out of the Crisis

Security policy is the bedrock for controls and processes. An effective security policy serves the users, business processes, and technology of the organization. The policy should be universally understood and relevant for the current risks. This chapter explains security policies ...

Get IT Security Risk Control Management: An Audit Preparation Plan now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

IT Security Risk Control Management: An Audit Preparation Plan by Raymond Pompon

11. Policy

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly