Security
Information Security Policies
Rationale
As organizations adapt to new security measures, a revision of the internal information security (IS) policies is necessary. The activities needed to undertake such an initiative can be summarized in 8 tasks, as shown in the table below.
Task | Activity | Comments |
1 | Review existing security policy and identify gaps | Ensure that the readability of the policy is adequate for all stakeholders. |
2 | Research current methodologies and tools to implement an effective security policy | Review updated encryption and password construction mechanisms. Reorganize the policy for improved readability and ensure that each policy has control mechanisms. |
3 | Train internal team for readiness | Include security, disaster, data breach and drills in the relevant policies. |
4 | Obtain necessary budgetary figures | Build the necessary business case with associated risk for each budget line. |
5 | Prepare the executive team for the changes | Obtain the necessary executive buy-in and sponsorship to implement the necessary changes. |
6 | Set expectations | Clearly explain what risks are being mitigated and the effort required. |
7 | Set timeline | Set reasonable timelines whilst avoiding unnecessary rush and pressure on the various teams. |
8 | Prepare the whole organization for the changes ahead | Communicate, monitor and communicate again. |
The following handbook encompasses the most common security policies. Please reach out for a Word document.
rcami