Comparison of IT Security Policy

General or global policies. These are high-level policy statements that define the intent of a specific topic and its scope within the organization. It also assigns responsibilities for implementation and compliance with the policy. Typical information security general or global policies include:
- Information security policy
- Information classification policy
- Business continuity planning

Topic-specific policies. Key component areas of the information technology and information security areas are addressed in topic-specific policies. Unlike the general or global policies, the topic-specific policies narrow the focus to one issue at a time. Typical subjects for topic-specific policies include:
- Physical security
- Equipment security
- Network access controls
- Media disposal
- User access
- Technology disaster recovery plan

System-and application-specific policies. These policies focus on one specific system or application. As the construction of security architecture for an organization takes shape, the final element will be the translation of program and topic-specific policies to the application and system level. Typical subjects for application-specific policies include:
- E-mail usage
- Internet usage
- Anti-virus programs

Bookmark/Search this post with:
  • Delicious
  • Digg
  • StumbleUpon
  • Propeller
  • Reddit
  • Magnoliacom
  • Newsvine
  • Technorati

Trackback URL for this post:

http://www.securitycompliances.com/trackback/38

User login

Who's online

There are currently 0 users and 1 guest online.

Who's new

  • himoro1778
  • ur743v256
  • handbags1314
  • pkj8o6w74
  • l0w8y4x7b3