Does your organization have a documented Cybersecurity Policy or Information Security Policy?

What

An overall or “master” security policy defines high-level rules that must be abided to in terms of information security. It can define a number of things but, usually acting at a high level, it typically establishes basic practices and responsibilities as well as ownership and reporting around the general security function.

It helps ensure controls are implemented uniformly across an organization and have someone responsible for carrying them out. An overall security policy reduces the risk of controls being inadequately implemented or operated by mandating them throughout the organization from senior management on down.

Why

PreviousDoes your organization conduct an annual independent information security review and act upon the fi NextDoes your organization have a formal policy on the use of mobile devices?

Last updated 2 years ago