Chapter 12. Compliance and Enforcement

After the information security policies for the systems and networks have been written, your focus should switch to what it would take to ensure compliance and enforce the policy. It would be nice if we could trust the users and anyone with access to the organization’s network. To ensure the systems and networks are protected, you should define compliance and enforcement policies that explain what could happen when policy is broken.

Compliance and enforcement policies tend to fall outside the technical arena in which most security professionals live. By their nature, these policies require knowledge of ...
