Does your organization have a documented Cybersecurity Policy or Information Security Policy?

What

An overall or “master” security policy defines high-level rules that must be abided to in terms of information security. It can define a number of things but, usually acting at a high level, it typically establishes basic practices and responsibilities as well as ownership and reporting around the general security function.

It helps ensure controls are implemented uniformly across an organization and have someone responsible for carrying them out. An overall security policy reduces the risk of controls being inadequately implemented or operated by mandating them throughout the organization from senior management on down.

Why