|
Term |
Definition |
|
- Information Security |
The act of protecting information that may exist in any form, whether spoken, written, processed, or transmitted electronically, etc. from unauthorized access, use, disclosure, disruption, modification or destruction, with the objective of ensuring business continuity, minimizing business risk, and maximizing return on investments and business opportunities. |
The direction on information security must come from the top. Not much can be done in terms of implementing cyber security in daily operations without any policy on information security by management.
The purpose of this policy is to establish a policy for the information security management system (ISMS) that clearly defines the objectives for implementing the management system and demonstrates management commitment for providing all needed requirements for establishment, maintenance, and continual improvement of the management system.
|
Roles |
Responsibilities |
|
Chief Information security Officer (CISO) |
- Ensure that this document is upda... |