How do you need to develop safety rules
Before embarking on the development of guidance documents, it is necessary to define global policy objectives. Whether the goal is to protect the company and its interaction with customers? Alternatively necessary to protect the data flow in the system? In any case, the first step is to decide on what should be protected and why it should be protected.
Determine what rules need to be developed
Terms of information security should not be a single document. To facilitate use thereof, the rules may be included in several documents. It is for the same purpose, this book instead present a solid list of wording is divided into individual, combined meaning head. Therefore, do not try to describe the policy of a single document, you simply develop necessary guidance documents and name their heads describe the information security policy. Then they will be easier to understand, easier to implement and easier to organize the study of these documents, since every aspect of security policy will be devoted to its own section. Small sections are also easier to adjust and update.
No feedback yet