Up One Level


Information Security Guidelines

 

An Information Security Guidelines is a suggested action or recommendation to address an area of the Information Security Policy. A security guideline is not a mandatory action, and no disciplinary action should result from non adoption. However, Information Security Guidelines are considered Best Practice and should be implemented whenever possible.

A guideline typically uses works like "should" or "may" in the definition. Guidelines are usually written for a particular environment and are used to help guide users' actions. For example, "all successful logins should be logged and monitored." A guideline may apply to management, administrators, end users, or a specific group within the organisation.

Information Security Guidelines will usually supplement the Procedures Manuals with their adoption encouraged and promoted rather than enforced.


*** The Information Security Glossary ***
Previous PageTop of this pageNext Page



Buy Now:

 

This Glossary forms part of the RUsecure Security Policy Suite... visit RUsecure Security Policy World
Use of the guidance contained within RUsecure™ is subject to the End User Licence Agreement
This site created with EasyHTMLHelp(tm) for MS Word
 Risk Associates: Resources for Security Risk Analysis, ISO 17799 / BS7799, Security Policies and Security Audit