ABSTRACT
The Security policies are the foundation of security infrastructure. A security policy is a document or set of documents that describes, at a high level, the security controls that will be implemented in the company. The key to acceptance of and compliance with security policies is education. The goal is to get the word out, engage the end users, and help them understand that security is a necessity and that it can provide a bit of fun. The policy life cycle illustrates the process that should follow to ensure proper development, enforcement, and monitoring of policies. The results of the risk assessment, establish policies to enforce the controls needed to remove, mitigate, or transfer risk. The monitoring phase is the final, ongoing phase of the policy life cycle. The purpose of this policy is to ensure that sensitive and proprietary information is appropriately protected from modification or disclosure.
