Demystified IT Security Policy

Demystified IT Security Policy

Not all people know about IT Security Policy and it’s not a common policy you can find in all companies, so let’s demystified IT Security Policy:

1. IT Security Policy can be sub-sets of your IT Policies and Procedures.

2. Not all companies have IT Security Policy especially the SME Businesses.

3. Typically IT Security Policy can be seen in big companies where it’s branches is scattered around the globe.

4. If you have a big IT Organization and dedicated IT Security Team, then definitely you need to have IT Security Policy in place.

5. IT Security Policy contain lots of pages and cannot be just 1-3 pages only.

6. IT Security Policy need to be assess by different department, especially the HR.

7. Having IT Security Policy in place your Business Operation is properly aligned and structure in handling company data information.

8. IT Security Policy should be explain and discuss to all staff.

9. IT Security Policy is a living document.

10. Ownership is a key to have effective IT Security Policy in your company.

11. Your IT Security should be align to the current industry standard and compliance.

12. You should treat IT Security Policy a serious matter.