Recommended Information Security Policies

Information security policies will vary greatly across organizations because all organizations are different. They have different business goals. Their security needs are not the same. Their cultures are different.

The list of information security issues to address in a policy is endless. However, all organizations face some basic security issues. They should create policies to address these issues. The basic policies that organizations should consider include:

  • Acceptable use policies
  • Anti-harassment policies
  • Workplace privacy and monitoring policies
  • Data retention and destruction policies
  • Intellectual property policies
  • Authentication and password policies
  • Security awareness and training policies

Get Legal and Privacy Issues in Information Security, 3rd Edition now with the O’Reilly learning platform.

O’Reilly members experience live online training, plus books, videos, and digital content from nearly 200 publishers.