Writing Information Security Policies

C.3. Sample Administrative Policies

PURPOSE: To establish the policies to administer and enforce these information security policies.

C.3.13. User Training

PURPOSE: To ensure all users know and understand the policies.

POLICY: All users of the Company’s networks and systems shall undergo security awareness training to explain these security policies prior to being allowed access. Current users shall undergo training within 30 days from when these policies will be put into effect.

C.3.14. Publishing and Notification

PURPOSE: To publish the policies to be accessible to all users and to notify them when they are published.

POLICY: The Human Resources Department shall be responsible for publishing the Information Security Policies and all ...

Get Writing Information Security Policies now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Writing Information Security Policies by Scott Barman

C.3. Sample Administrative Policies

C.3.13. User Training

C.3.14. Publishing and Notification

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly