A security policy is a set of objectives, the rules of behavior for users and administrators, and the requirements for system and management that collectively are designed to ensure the security of computer systems in an organization.
A very good introduction to security policies and the components that should be in a security policy is available in RFC 2196, Site Security Handbook. This RFC is a guide to developing computer security policies and procedures for sites that have systems on the Internet. The purpose of the handbook is to provide practical guidance to administrators trying to secure their information and services. The subjects covered include policy content and formation, a broad range of technical system and network security topics, and security incident response. This RFC defines a security policy as "a formal statement of the rules by which people who are given access to an organization's technology and information assets must abide."
Was this article helpful?
What you need to know about… Project Management Made Easy! Project management consists of more than just a large building project and can encompass small projects as well. No matter what the size of your project, you need to have some sort of project management. How you manage your project has everything to do with its outcome.