THE SECURITY OF AN ORGANIZATION'S INFORMATION is a direct result of the quality of its security policy. The security policy states the importance of security and defines a secure environment. Once a solid security policy is defined, it must be put it into practice. Administering the components of a security policy means creating and deploying controls that ensure compliance with the policy.

In this chapter you'll learn how to ensure that your organization meets your security policy's goals. You'll learn about the responsibilities of a security administrator and the tasks needed to go from a policy to usable controls. You'll also learn how important it is to constantly review and measure performance ...