Security assessments are important within information systems because they allow for regulations to be placed on new implemented security software. Security assessments analyze, prioritize, and help conduct new assessments within an organization and make sure their standards of security are being reached. The security assessment policy includes what the enterprise must do, how the enterprise must do it, and a template for individual enterprise requirements.
Risks Addressed by Policy:
- Information systems are not as secure and information is not properly protected.
- Systems become outdated which increases the chance of an attack.