Quick policy checklist

Here's a quick checklist you can run through with your existing or new policy to help make sure you're on the right track.

By Kevin Beaver, CISSP
Here's a quick checklist you can run through with your existing or new policy to help make sure you're on
the right track:
SECURITY POLICIES CHECKLIST
How long is your policy document? Two or three pages at most are usually more than enough to cover the issues at hand.
Does the roles and responsibilities section contain more than just IT personnel? It should -- policies are a management issue, not just an IT or security issue.
Has your policy been customized to your organization's needs based on e-mail usage, known vulnerabilities, etc.?
If you hand your policy document to a middle- or even elementary-school student could he or she repeat back to you what it says? Policies should be easy to read and understand.
Does your policy state, "this is how we do it here"?
Would an average adult say that your policy is reasonable and realistic?






























RELATED INFORMATION:
Kevin Beaver is founder and principal consultant of Atlanta-based Principle Logic, LLC where he specializes in information security assessments for those who take security seriously and incident response for those who don't. He is author and co-author of several information security books including the The Definitive Guide to E-mail Management and Security (Realtimepublishers.com), Hacking For Dummies (Wiley), and the upcoming Hacking Wireless Networks For Dummies. Kevin can be reached at kbeaver @ principlelogic.com.
This was first published in March 2005

Dig deeper on Information Security Policies, Procedures and Guidelines

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close