From the course: Cert Prep: ISC2 Certified in Cybersecurity (CC)
Join today to access over 23,200 courses taught by industry experts.
Security policy framework
From the course: Cert Prep: ISC2 Certified in Cybersecurity (CC)
Security policy framework
- Security professionals do a lot of writing. We need clearly written guidance to help communicate to business leaders and users and each other about security expectations and responsibilities. In some cases we're setting forth mandatory rules that everyone in the organization must follow, while in other cases were simply giving advice. Each of these roles requires communicating a little bit differently, and that's where the security policy framework comes into play. Most security professionals recognize a framework consisting of four different types of documents: policies, standards, guidelines, and procedures. Security policies are the bedrock documents that provide the foundation for an organization's information security program. They're often developed over a long period of time, and they're very carefully written to describe the organization's security expectations. Compliance with policies is mandatory and…
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.