Many a times there are arguments about the best way to go ahead with a plan as to the contents of Policies, Standards and Procedures. The major factor in the successful roll out of such an exercise has been debated and is more cultural and is a product of the person at the helm. However, a good evolution has to have elements that are integral to the success of the endeavour. Let us look at some of the elements of a policy. The policy is at the highest level and is a statement of the intent from the top management, agreeing to have a clear direction as to the need to protect information assets. Enforcing the policies are the standards, these are directions to achieve the goals enunciated in the policies. Many a times , once the policies are derived, it is that much more difficult to evolve a set of standards in line with what is in vogue in the organization. This is because of the fact that there are processes that have been evolved ad hoc, addressing issues over time and have become ...
Ramble on everything and anything that fancies my imagination