Information Security Policy vs. IT Security Policy
- Information Security Policy
- IT Security Policy
Assign topic to the user
IT Security Policy is a document which allows your company to comply with security measures under Article 32 GDPR for Information systems and Information assets, it identifies the rules and procedures for all individuals accessing and using an organization's IT assets and resources. The goal of an IT security policy is to keep systems and information confidential, available and intact.
Information Security Policy is a top-level document that defines general principles and responsibilities for information security - it does not go into details like the IT Security Policy does.
These materials will also help you regarding Information security policy:
- What should you write in your Information Security Policy according to ISO 27001? https://advisera.com/27001academy/blog/2016/05/30/what-should-you-write-in-your-information-security-policy-according-to-iso-27001/
- EU GDPR Foundation Course: https://advisera.com/training/eu-gdpr-foundations-course//
Comment as guest or Sign in
Feb 07, 2020