The Information Security Program sets the tone for the company's resources on how security practices are looked at. Developing the security program the right way can foster interoperability and streamline the organization's daily operational workflows.
This policy applies to all information systems and applications. Every application and the systems that support it must document, implement and monitor an approved level of controls suitable for the specific application. These controls must be reviewed by the IT Steering Committee on a periodic basis to ensure they meet corporate, ethical, and legislative requirements. The controls are divided into the following areas:
You should have a basic understanding of business principles.