Understand the basic security concepts and use of security policy and procedures.
Much of what information system security deals with is avoiding security incidents and recovering fully when incidents do occur. These activities are only possible as a result of the required planning for developing and implementing a comprehensive security policy. This objective covers the areas a security policy addresses and the procedures necessary for implementation.
Separation of Duties
Need to Know
Securing Removable Media with Disposal and Destruction ...