Information Security

by Andy Taylor

Step 5 – Implement your control policy

How you implement your new security policy will depend very much on the types of control that have been selected. In some cases, it will simply be a case of writing a directive for the staff warning them of the consequences of using or accessing information inappropriately. In other cases, there may need to be an implementation of some technological control, such as a CCTV system, or a firewall or other device.

For additional measures that may be required, see An acceptable usage policy, Legal aspects and Getting rid of information.