The organization of information security policy secures a company’s assets externally and internally. It provides a process and framework that will assess risk within the company while keeping security levels maintained and up to date.
Risks Addressed by Policy:
- Information can be changed and accessed by unauthorized users.
- Information technologies will not be changed and updated.
- Higher risks of external and internal breaches.