Every organization, regardless of size, should have some form of written security policies and procedures, along with a plan to enforce those guidelines and a disaster and recovery plan.
Figure 30.5 – Security Policy Methodology
Referencing Figure 30.5 above, when initially developing a security policy, the recommended methodology consists of the following steps:
- Risk assessment
- Determine and develop the policy
- Implement the policy The content below this message is for members only.