Information Security Policy

Get Certified Get Ahead

A high-level policy of an organization that is created to support and enforce portions of the organization’s Information Management Policy by specifying in more detail what information is to be protected from anticipated threats and how that protection is to be attained.

See NIST SP 800-152 under Information Security Policy for detailed information.

Share this Post