Sunday, September 16, 2007

IT Security Management -Policies , Procedures , Standards & Guidlines

IT Policies or IT Central Directives

They are high-level statements which state the Management's direction in information
security & privacy.

It will state Organizational setup of IT security structure, workstations or
computers' security.

It will establish the framework and basis of Information security of a organisation

Examples of internationally recognized frameworks include ISO27001, SOX, ITIL,COBIT etc.

In my next post, I will talk about procedures which are detailed instructions on the execution of IT policies

Click on Video below on SOX 404 explanation :

Click Here for more information on writing IT policies!


No comments: