1.2. Task 1.2: Determining Which Security Policy Is Most Important

Security policies are the lifeblood of any organization. Once you've performed a risk assessment, you can begin to lock in these findings in the security policy. The policy should spell out what should be protected, how it should be protected, and what value it has to senior management. Be sure to specify these concerns in written documents. You must also verify that the policies comply with all federal, state, and local laws.

Policies play such an important role because they put everyone on the same page and make it clear where senior management stands on specific issues. Policies help define how security is perceived by those within an organization. Policies must flow from ...

Get Security Administrator Street Smarts: A Real World Guide to CompTIA Security+™ Skills, Second Edition now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.