Episode 10 - Information Security Policies

The next installment in the Information Security Governance Simplified Series. <br /><br />After covering the definition of information security governance (Ep. 7), the importance of aligning governance with the organization's mission (Ep. 8), and information security roles and responsibilities (Ep. 9), Ryan and Evan tackle information security policies in this episode (Ep. 10).<br /><br /> - What are policies used for?<br /> - Who approves policies and policy changes?<br /> - Who maintains policies?<br /> - Which policies are considered "standard" policies?<br /> - Policy status tracking.<br /><br />Information security policies are critical to the success of an information security program, BUT only if they're done and used properly.