Elements of Policies14 Information

Elements of Policies
14 Information Security Management
 Set the tone of Management
 Establish roles and responsibility
 Define asset classifications
 Provide direction for decisions
 Establish the scope of authority
 Provide a basis for guidelines and procedures
 Establish roles and responsibilities
 Describe appropriate use of assets
 Establish relationships to legal requirements
 Guidelines
 Optional but recommended specifications