Process—Administration
Involvement of the executive staff in the development and management of information security policies is important to the effectiveness of your program. Executives need to set an example for other employees by complying with information security policies. In some cases, a security policy might restrict an employee's ability to complete his job. If your management team doesn't support (and comply) with policies, employees will ignore or find ways to circumvent them.
Human resources and your legal staff should be involved when drafting policies that affect employees. This ensures that your security policies are consistent with other company policies and do not conflict with local labor laws or employee rights. If you fail ...
Get Executive Guide to Information Security, The: Threats, Challenges, and Solutions now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
