Last Wednesday I joined the meeting of my department. One of many parts was about security. Mr Sahassawat from AC InfoTech described about the security to us.
The reason that the organization needs security policy consists of to protect the organization, protect business and employees, set the rules for expected behavior- the prohibited activities, be used for authorize activities, be used for approved operational steps, and legal compliance.
Policy is a part of security the global standard of security is ISO27001 (Global Standard Code of Protection for information security management). Now Thailand has 20 certificates of this ISO.
Policy can declare the direction of the organization and policy is an intelligent property of the organization.
No comments:
Post a Comment