Describe how to design, organize, implement, and maintain IT security policies.
Key Concepts
- Core principles of policy and standards design
- Implementing policy and libraries
- Policy change control board purpose and roles
- Business drivers for policy and standards changes
- Best practices for policy management and maintenance
Keywords
Use the following keywords to search for additional materials to support your work:
- Information Systems Security (ISS)
- IT Security Policy Framework
- Policy Change Control
- Policy Change Control Board (PCCB)
- Policy Maintenance
- Policy Management
- Security Policy
Some organizations keep documents in Word format and publish them in PDF format. Other organizations use tools like Governance, Risk, and Compliance (GRC). What makes one type of tool better than the other?