Complying with Information Security Policy

Compliance with your organisation's Information Security Policy is mandatory. This topic discusses ways of ensuring that compliance is achieved and failures to comply are actioned.

The compliance monitoring process could lead to resentment among staff, unless it is handled sensitively.

To view the related Policy click      

  • Complacency over Information Security Policy compliance may inadvertently expose your organisation to legal action.

  • Regular use of software tools to monitor technical compliance will provide your organisation with information about strengths and weaknesses of your Information Security.
  • Initiate periodic internal assessments ('Internal Audit') and / or external assessors (where appropriate) to assess the degree of compliance with your Information Security Policy.
  • Plot the results of assessment and perform a gap analysis to pinpoint problems and identify successes. Feed the results into your Information Security Plan.
  • The integrity of an Information Security audit can be threatened where software tools (for probing and analysis) are accessible to unauthorised users who might corrupt / modify the results. See Access Control.

  • Protect access to the tools (for probing and analysis) and their associated data files to safeguard the integrity of the results. See Access Control.
Previous PageTop of this pageNext Page

Information Security Policies from US$595


Use of the guidance contained within RUSecure™ is subject to the End User Licence Agreement
This site created with EasyHTMLHelp(tm) for MS Word


Next PageUpPrevious Page