November 2001
Intermediate to advanced
240 pages
6h 27m
English
There is no rule as to how often policy documents are reviewed. When I work with organizations, I suggest that they be reviewed sometime between six months and one year. Six months seems like enough time to see if patterns exist that require policy adjustment (see the sidebar, “Recognizing Security Patterns”). However, some believe that a longer period is necessary. But if you let it go longer than a year, you could run the risk of having problems fester—thus causing a disrespect for the policies and leading to them being ignored.
Recognizing Security PatternsWhile administrators monitor and enforce the policies, they may discover that waiver requests are made under similar circumstances or that audit ... |
Read now
Unlock full access