Develop & Deploy a Security Policy
The enterprise can't be secure if it doesn't know how; documents need to get everyone on the same page.
Send a friend or colleague a link to this article
Last Revised: May 25, 2010
- The organization has no formal documentation indicating how employees should act in order to maintain enterprise security.
- Increasing regulatory pressure is upping the ante making the lack of policy a business inhibitor.
- This solution set will guide you through the process of developing a policy, vetting it with the business, and getting it implemented.
Policy defines organizational security stance and forms the basis upon which all security decisions should be made. Studies show that developing and deploying a policy can reduce breach incidents by up to 93%.
Impact and Result
The average cost in time and dollars to create a fully custom security policy is 12 months and $50,000. Upon completion of the work outlined in this solution set you will have created that policy without those expenditures.
Get to Action
Get a crash course in Security Policy.
Understand what Policy is, how it is constructed, and how to make best use of it.
Write the policies.
Develop the actual documents that will guide enterprise security compliance.
- Systems Configuration Policy Template
- Systems Maintenance Policy Template
- Systems Change Control Policy Template
- Systems Monitoring and Auditing Policy Template
- Security Infrastructure Policy Template
- Application Security Policy Template
- Personnel Security Policy Template
- Acceptable Usage Policy Template
- Security Awareness Training Policy Template
- Account Management Policy Template
- Authorization, Identification & Authentication Policy Template
- Password Policy Template
- Data Protection Policy Template
- Media Protection Policy Template
- Physical Access Policy Template
- Incident Response Policy Template
- Contingency Planning Policy Template
- Secure Acquisitions Policy Template
- Risk Assessment Policy Template
- Security Assessment Policy Template
- Identity and Access Management (IAM) Policy
Plan for implementation.
Determine the optimal order for the deployment of individual policies.