Chapter 8ICS Security Governance and Risk Management
Introduction
Policies are rules that an organization adheres to. Procedures are the sequence of steps taken to enforce the organizational policies. Guidelines are recommendations provided as reference for proper implementation of policies and procedures. These three elements work together to provide employees with adequate guidance to perform their tasks within the organization.
Although each department in an organization may establish its own policies and procedures to complement organizational goals and objectives, an overall organizational security policy needs to be clearly established for all employees and departments. Management's support of a security policy is the most important component of making the organization successful in securing assets, infrastructure, and data.
Security Policies and Procedure Development
An important part of any organization's corporate policy is its cybersecurity policy. This policy supports the corporate policy by explaining the overall requirements needed to protect an organization's network data and computer systems. Generally, creation of these policies involves stakeholders ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access