Guest user Created: Feb 06, 2020 Last commented: Feb 07, 2020

Information Security Policy vs. IT Security Policy

I just have a question. The document IT Security Policy is included in the Premium Toolkit, but now requires an Information Security Policy from me What is the difference between the following 2 documents, or is there no difference between them and are these the same documents?

Information Security Policy
IT Security Policy

0 0

Assign topic to the user

Select user

Expert

Alessandra Nisticò Feb 07, 2020

IT Security Policy is a document which allows your company to comply with security measures under Article 32 GDPR for Information systems and Information assets, it identifies the rules and procedures for all individuals accessing and using an organization's IT assets and resources. The goal of an IT security policy is to keep systems and information confidential, available and intact.

Information Security Policy is a top-level document that defines general principles and responsibilities for information security - it does not go into details like the IT Security Policy does.

These materials will also help you regarding Information security policy:

- What should you write in your Information Security Policy according to ISO 27001? https://advisera.com/27001academy/blog/2016/05/30/what-should-you-write-in-your-information-security-policy-according-to-iso-27001/

- EU GDPR Foundation Course: https://advisera.com/training/eu-gdpr-foundations-course//

Quote

0 2

Comment as guest or Sign in

HTML tags are not allowed

Name *

Email *

I accept the Privacy and Terms

Notify me when someone replies

Feb 06, 2020

Feb 07, 2020

Expert Advice Community