target audience: TECH BUYER  Publication date: Apr 2024 - Document type: IDC Perspective - Doc  Document number: # US51827724

Best Practices for Planning, Developing, and Managing Enterprise Security Policies

By:  Christopher Tozzi

Add to shopping cart $7,500.00
Back to Document Abstract

Content

List of Figures



Related Links

Back to Document Abstract

Table of Contents


  • Executive Snapshot

    • Figure: Executive Snapshot: Best Practices for Planning, Developing, and Managing Enterprise Security Policies

  • Situation Overview

    • What Are Security Policies?

    • Security Policies Versus Security Procedures

    • Why Are Security Policies Important?

    • Security Policy Challenges

    • Ambiguous Requirements

    • Technology Changes

    • Diverse Stakeholders

    • Lack of Policy Buy-In

    • Policy Bloat and Sprawl

  • Advice for the Technology Buyer

    • Base Policies on Compliance Mandates — But Be Flexible

    • Use Policy Templates — But Only as a Starting Point

    • Consult with Regulators and Auditors

    • Consider Your Capabilities

    • Assign Responsibility for Policy Creation

    • Define a Policy Review Process

    • Define a Plan for Policy Dissemination

    • Establish Regular Policy Assessments and Gap Analysis

  • Learn More

    • Related Research

    • Synopsis