Information Security Policy

Information Security Policy

Lech J. Janczewski (University of Auckland, New Zealand) and Andrew M. Colarik (University of Auckland, New Zealand)
DOI: 10.4018/978-1-59140-583-2.ch013


In Chapter 12, we discussed most of the information security issues that are important to IT managers, especially in the current situation of increased attacks. Perhaps the most visible and important document that relates to the attitude of management towards security issues is the Information Security Policy (ISP). (Please note that the most common understanding of the abbreviation ISP is Internet Services Provider. For clarity within this chapter only, ISP means Information Security Policy.) This document reflects all the decisions and activities required to set up a clear set of rules and procedures for company employees in terms of protecting information assets. The ISP is also used to:

Complete Chapter List

Search this Book: