This control is related to Management.
Nothing is constant in this world. The environment, vulnerabilities and business models are continuously changing. So, it becomes important to continually review the information security policy.
Information security policy should be continually monitored with respect to continuing suitability, adequacy and effectiveness. To ensure the effectiveness of information security policy, a formal [...]

Popularity: 31% [?]

If you enjoy our post, feel free to subscribes to our rss feeds

This control is related to Management and Operations.
The management should provide support and a clear policy direction across the organization in the form of a written business document for information security. Management must communicate information security policy to all employees and relevant parties including consultants, contractors, vendors, business partners etc. The information security document can [...]

Popularity: 25% [?]

If you enjoy our post, feel free to subscribes to our rss feeds