Security Governance : Good Security Policy Essay
Good security program require definition and understanding at all levels (Winkler & Gomes, 2016). The definition of the good security program comes in the form of security governance (Winkler & Gomes, 2016). Good security governance require planning, identifying assets, and assigning security resources to protect the assets (Winkler & Gomes, 2016). To formalize security governance, organizations need to define critical documents which are standards, procedures, policies, and guidelines (Winkler & Gomes, 2016). The following is an examination of security policies.
Good Security Policy
Security policy is the organization 's definition of security, outlining security governing principles (Winkler & Gomes, 2016). Organizations should put a great amount of effort to formulate a good security policy (Winkler & Gomes, 2016). A good security policy should be well documented, reviewed, and maintained regularly (Zamora, 2016).
To develop a good security policy, organizations must incorporate the strategic direction of the company in the policy development phase (Zamora, 2016). Furthermore, the policy must identify the process and requirement for security without specifying the technology (Zamora, 2016). Specifying the technology can get the policy outdated when new technologies emerge (Zamora, 2016).
Security Policy Components
Each security policy is different in term of the aim of the policy and the security issue each policy address (Kostadinov, 2014). Although…