Anatomy of an Infrastructure Policy

Individual security policies frequently look and feel alike. This makes them easy to read and understand. The challenge is how to organize policies as a collection. Policies need to be easily accessible and align to how an organization manages its IT environment.

There is no limit to the number of ways to organize collections of policies. Three common ways, though, are to organize by functional area, by layers of security, or by domain. Of course, you don’t have to utilize these methods, but they are easy to understand and logical.

Creating policies by functional area of responsibility is a challenge. The advantage of this method is that the policies can be tailored for a specific audience. The disadvantage ...

Get Security Policies and Implementation Issues, 3rd Edition now with the O’Reilly learning platform.

O’Reilly members experience live online training, plus books, videos, and digital content from nearly 200 publishers.