Security Policies and Implementation Issues, 2nd Edition by Johnson

INFORMATION TECHNOLOGY SECURITY POLICIES are the foundation upon which you build good security habits. IT security policies define what business and technology risks will be controlled. Users can turn to policies for guidance in their daily work. Policies are a useful tool for creating a risk culture that protects information. The adoption and effective implementation of these policies is evidence to regulators, customers, and shareholders that due care is being taken to protect the company and its customers’ personal information. The stakes are high. Well-implemented security policies build brand confidence and help an organization achieve its goals. Poorly implemented security policies ...