Resources for Federal Information Security Management Act (FISMA)

Five basic mistakes of security policy

www.computerworld.com

As I mentioned in my last article, security policies serve to protect (data, customers, employees, technological systems), define (the company's stance on security), and minimize risk (internal and external exposure and publicity fallout in the event of a breach). Security policy creation and dissemination are not just a good idea; both are mandated by a slew of corporate regulations, including PCI, HIPAA, and FISMA.

This story presents five mistakes that companies commonly make when writing and implementing security policies. As simplistic as some of these errors sound, they happen often enough and cause heavy damage to companies' bottom lines.

View the Resource

Share or bookmarklet this web page at: