< All Topics

Security policies define the objectives and constraints for the security program. Policies are created at several levels, ranging from organization or corporate policy to specific operational constraints (e.g., remote access). In general, policies provide answers to the questions “what” and “why” without dealing with “how.” Policies are normally stated in terms that are technology-independent.

Source: NIST SP 800-82 Rev 2

Click to rate this post!
[Total: 0 Average: 0]
Previous Risk Management
Next Sensitive Information
Table of Contents