Information Security Governance Documents
An organization’s ISG documents form the basis of its information security program. They document the organization’s commitment to information security. They are used to address:
- The organization’s information security goals
- How the organization protects its own data
- How the organization protects the data of others
- Compliance with legal and regulatory requirements
- Employee information security responsibilities
- Consequences for failing to meet responsibilities
Organizations use policies, standards, guidelines, and procedures to create their security program. These documents work together to support information security goals. A formal policy is the highest-level governance document. Standards are the ...
Get Legal and Privacy Issues in Information Security, 3rd Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
