From the course: Certified Information Security Manager (CISM) Cert Prep (2022): 1 Information Security Governance
Join today to access over 23,200 courses taught by industry experts.
Security policy framework
From the course: Certified Information Security Manager (CISM) Cert Prep (2022): 1 Information Security Governance
Security policy framework
- [Instructor] Security professionals do a lot of writing. We need clearly written guidance to help communicate to business leaders and users and each other about security expectations and responsibilities. In some cases, we're setting forth mandatory rules that everyone in the organization must follow while in other cases, we're simply giving advice. Each of these roles requires communicating a little bit differently, that's where the Security Policy Framework comes into play. Most security professionals recognize a framework consisting of four different types of document; policies, standards, guidelines, and procedures. Security policies are the bedrock documents that provide the foundation for an organization's information security program. They are often developed over a long period of time and are very carefully written to describe an organization's security expectations. Compliance with policies is mandatory and…
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.