Security Policy and information management by ISO/IEC 27001:2005
Implementing a security policy in a company is a uniform and complete approach to securing information, and it regulates the procedures and controls that are obligatory for all employees. It contributes to a higher level of information security in the company, while providing confidentiality, integrity and availability of internal information.
Companies that follow a security policy according to ISO/IEC 27001:2005 gain a competitive edge by proving that their data is secure and at the same time available when needed, even in case of unexpected situations or catastrophes.
What is security policy and what does it guarantee?
A security policy is defined by documents that describe the processes and roles involved in protecting information. The documents contain security rules based on business demands, and range from general (e.g. all computers in the company have to have anti-virus software installed) to technical (e.g. which anti-virus software is used and how it should be installed and maintained). Implementing a security policy in a company is a uniform and complete approach to securing information, and it regulates the procedures and controls that are obligatory for all employees.
Security policy procedures enable secure access to information and ensure:
- confidentiality: protection of sensitive information against unauthorized access;
- integrity: accuracy and integrity of information and software;
- availability: uninterrupted availability of information and services.

Security Policy Range
The range of the security policy is based on the ISO/IEC 27001:2005 standard.
