To ensure information security of any company it is necessary that there are clear rules and procedures that should be followed by all employees. The greatest difficulty of large companies is to ensure that all users know and follow its rules and procedures and understand its importance. A Security Policy Information must contain a set of standards, methods and procedures, which should be communicated to all employees. The document should be reviewed and revised periodically, at regular intervals or when the implementation of changes is required.
An Information Security Policy has as main objectives:
The implementation of an Information Security Policy ensures the protection of confidential information in the organization, reducing risk and establishing plans rapid recovery attacks. This implementation increases confidence between trading partners also promoting international recognition.