When Policies Should Be Developed
Ideally, the best time to define your policies should be before your first security problem. By doing this early, your security administrators will understand what to protect and what enforcement measures can be used. Also it is always easier to write policy for a developing infrastructure rather than trying to retrofit it into an existing business environment.
Mitigating Liability
As you might or might not know, all business processes come with a certain amount of risk. Safeguards are placed into our business processes to mitigate this risk. A security policy takes business processes into consideration and applies best practices to protect them. This can help reduce the liability after loss of critical ...
Get Writing Information Security Policies now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
