Skip to main content

Information Security Policy

« Back to Glossary Index

A written account of the security strategy and goals of an organization. A security policy is usually comprised of standards, policies (or Standard Operating Procedures) and guidelines. All hardware, software, facilities and personnel must abide by the terms of the security policy of an organization. (Also known as security policy.)