Updated ISO/IEC 27002:2022 - Organizational controls - 5.1 Policies for information security
Information security policy and topic-specific policies should be defined, approved by management, published, communicated to and acknowledged by relevant personnel and relevant interested parties, and reviewed at planned intervals and if significant changes occur.
Information policy sets forth rules and processes for workforce members, creating a standard around the acceptable use of the organization’s information technology, including networks and applications to protect data confidentiality, integrity, and availability.
Purpose of Information Security Policy
Compliance requires organizations to have written policies, processes, and procedures. Policies act as the foundation for programs, providing guidance, consistency, and clarity around an organization’s operations #CyberSecurity
Негізгі бет Ойын-сауық Updated ISO/IEC 27002:2022 - Organizational controls - 5.1 Policies for information security
Пікірлер: 2