Communiquez avec les autres et partagez vos connaissances professionnelles

Inscrivez-vous ou connectez-vous pour rejoindre votre communauté professionnelle.

Suivre

Can security policies be implemented without procedures and guidelines ?

user-image
Question ajoutée par ABDELMAJED AHMED SAEED , Cyber Security GRC Manager , Medgulf
Date de publication: 2016/05/28
Sven Wetter
par Sven Wetter , Chief information security consultant , CertISO Sweden

Hello Abdelmaied

My point of view is that a policy sets the guidelines for its purpose, it needs structure to have its purpose translated to real life. The structure would consist of:

- Procedures

- Understanding of threats, vulnerabilities and impact

- Control and reporting systems

- Continuous vigilance and training

- Desk top or real life threat exercises

More Questions Like This