The security policies, standards, procedures, and
guidelines are living documents. That means they are not written once and left
unchanged for years. These documents should be regularly updated in response to
changing business conditions, technologies, customer requirements, and so on.
Some form of document version control technology may be helpful in managing
this life cycle process.
In order to communicate
the security documents, it is best to keep them online or in a place
where the various audiences will be able to review and understand changes as
they are approved and implemented. Some organizations use an intranet web site
to present their security documents,
so employees can easily reference them throughout the workday.
No comments:
Post a Comment