The topic of security policy creation is one that has been widely addressed. As such, it should be thoroughly understood and accepted that every enterprise needs such a document. Given that no security improvements will be realized until the policy is actually implemented, companies need to also focus on building a clear and strong plan for bringing the policy to life.
Implementation in Six Steps or Less
The issue of policy implementation is often poorly addressed because it seems too complicated. Breaking the process down into a series of inter-linked steps will allow the enterprise to tackle the project phase by phase. This will reduce the overall focus, resource and time commitment. The six steps are as follows:
- Obtain Management Acceptance
- Assess the Impacts
- Create a Detailed Plan
- Perform Training
- Change Existing Systems
- Implement New Solutions