Security policy in the age of compliance
A properly drafted and implemented security policy serves to protect information, systems and even people; it sets guidelines for expected employee behavior, and authorizes security personnel to monitor, probe, investigate, define, and determine the consequences of violating the policy.
More generally, security policies help define the company's overall stance on security issues and minimize internal and external risk exposure. What is even more relevant for this article is that a policy will also incorporate guidelines from various corporate regulations.
[ Read more ]