Security Policy Exceptions

Not long ago, I was reading a debate on a Linkedin.com forum discussing all kinds of edge cases that some participants were arguing needed to be considered in a security policy regarding some particular aspect of security.  In fact, I forget what the issue was, but it was clear that… Continue reading

Why Have Security Policy?

I have found that not everyone has considered the role of security policy in an organization’s information security management program.  Therefore, I will share some of my insights with the hope that it will help others articulate it to their organizations. A Security Policy is a written document that states… Continue reading