Call Us: 888 641 0500
24
JAN
2011

How often should we update information security policies?

A good rule of thumb is this:  Information security policy documents should be updated at least once a year, or whenever a major change occurs in the business that would impact the risk of the organization.  Examples of these changes could be a merger, a new product or line of...
11
JUN
2009

Effective Security Policy Management – Part 6

Part 6. A Verified Audit Trail Security policy documents will not be effective unless they are read and understood by all members of the target audience intended for each document. For some documents, such as Internet Acceptable Use or Code of Conduct, the target audience is...
28
AUG
2007

Required Acknowledgement of Security Policy Changes

Legal precedents are beginning to dictate a new standard for the notification of policy changes to your customers and employees. In the “old days” organizations would post changes to information security policies on the corporate intranet, and perhaps even notify...