Quick policy checklist

Here's a quick checklist you can run through with your existing or new policy to help make sure you're on the right track.

By Kevin Beaver, CISSP
Here's a quick checklist you can run through with your existing or new policy to help make sure you're on
the right track:
SECURITY POLICIES CHECKLIST
How long is your policy document? Two or three pages at most are usually more than enough to cover the issues at hand.
Does the roles and responsibilities section contain more than just IT personnel? It should -- policies are a management issue, not just an IT or security issue.
Has your policy been customized to your organization's needs based on e-mail usage, known vulnerabilities, etc.?
If you hand your policy document to a middle- or even elementary-school student could he or she repeat back to you what it says? Policies should be easy to read and understand.
Does your policy state, "this is how we do it here"?
Would an average adult say that your policy is reasonable and realistic?






























RELATED INFORMATION:
Kevin Beaver is founder and principal consultant of Atlanta-based Principle Logic, LLC where he specializes in information security assessments for those who take security seriously and incident response for those who don't. He is author and co-author of several information security books including the The Definitive Guide to E-mail Management and Security (Realtimepublishers.com), Hacking For Dummies (Wiley), and the upcoming Hacking Wireless Networks For Dummies. Kevin can be reached at kbeaver @ principlelogic.com.
This was last published in March 2005

Dig Deeper on Information Security Policies, Procedures and Guidelines

PRO+

Content

Find more PRO+ content and other member only offers, here.

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close