|
+ISMS.1.A3 Drawing Up an Information Security Policy [Top Management] (B) |
1. ÜbersichtISMS.1.A3 Drawing Up an Information Security Policy [Top Management] (B)An organisation's Top Management MUST adopt an overarching information security policy.This MUST describe the value of information security, the organisation's security objectives, the most important elements of the security strategy, and the organisational structure for information security. The scope of the security policy MUST be clearly defined. The policy for information security MUST explain the security objectives and how they relate to the business objectives and tasks of the organisation. The Top Management MUST communicate the information security policy to all staff and other members of the organisation. The information security policy SHOULD be updated regularly.
1.1 Referenzen1.2 Identifizierte Anforderungen1.2 Related Regulation2. Identifizierte Anforderungen
3. Related Regulations
|