Expert Advice Community

Guest

Information Security Policy vs. IT Security Policy

  Quote
Guest
Guest user Created:   Feb 06, 2020 Last commented:   Feb 07, 2020

Information Security Policy vs. IT Security Policy

I just have a question. The document IT Security Policy is included in the Premium Toolkit, but now requires an Information Security Policy from me

What is the difference between the following 2 documents, or is there no difference between them and are these the same documents?

  • Information Security Policy
  • IT Security Policy
0 0

Assign topic to the user

Assign

EU GDPR DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

EU GDPR DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Alessandra Nisticò Feb 07, 2020

IT Security Policy is a document which allows your company to comply with security measures under Article 32 GDPR for Information systems and Information assets, it identifies the rules and procedures for all individuals accessing and using an organization's IT assets and resources. The goal of an IT security policy is to keep systems and information confidential, available and intact.

Information Security Policy is a top-level document that defines general principles and responsibilities for information security - it does not go into details like the IT Security Policy does.

These materials will also help you regarding Information security policy:

-    What should you write in your Information Security Policy according to ISO 27001? https://advisera.com/27001academy/blog/2016/05/30/what-should-you-write-in-your-information-security-policy-according-to-iso-27001/  

- EU GDPR Foundation Course: https://training.advisera.com/course/eu-gdpr-foundations-course/ 

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Feb 06, 2020

Feb 07, 2020

Suggested Topics

Guest user Created:   Mar 11, 2020 EU GDPR
Replies: 1
0 0

Encrypting customer data

Guest user Created:   Feb 07, 2020 EU GDPR
Replies: 1
0 0

Questions regarding GDPR