Building and Implementing an Information Security Policy

This paper describe a process of building and, implementing an Information Security Policy, identifying the important decisions regarding content, compliance, implementation, monitoring and active support, that have to be made in order to achieve an information security policy that is usable; a policy that lives and evolves as your organization infrastructure and operational requirements change and a policy that is understood and supported by management and colleagues.