O'Reilly logo

Writing Information Security Policies by Scott Barman

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

How Policies Should Be Developed

Before policy documents can be written, the overall goal of the policies must be determined. Is the goal to protect the company and its interactions with its customers? Or will you protect the flow of data for the system? In any case, the first step is to determine what is being protected and why it is being protected.

Policies can be written to affect hardware, software, access, people, connections, network, telecommunications, enforcement, and so on. Before you begin the writing process, determine what systems and processes are important to your company’s mis-sion. This will help you determine what and how many policies are necessary to complete your mission. After all, the goal here is to ensure that you ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required