- Identify sensitive information and critical systems.
- Incorporate NIST Information Security Standards along with local, state, and federal laws, as well as relevant ethical standards.
- Define organizational security goals and objectives.
- Set a course for accomplishing those goals and objectives.
- Ensure that necessary mechanisms for accomplishing the goals and objectives are in place.
The Logic of Well-Planned Policy
If: Organizational needs define policy
and: Policy guides personnel and technology decisions
then: Personnel and technology serve organizational needs.
For more information, please contact our office at 704.321.2271 or email email@example.com