Directory of information security policies,
& baseline standards, and
information security policy resources.

 Directory of information security policies and policy resources Contact Us Front Page

Information Security Policy Objectives

An Information Security Policy usually has the following objectives:

  • To protect the organisation's business information and any client or customer information within its custody or safekeeping by safeguarding its confidentiality, integrity and availability.
  • To establish safeguards to protect the organisation's information resources from theft, abuse, misuse and any form of damage.
  • To establish responsibility and accountability for Information Security in the organisation.
  • To encourage management and staff to maintain an appropriate level of awareness, knowledge and skill to allow them to minimise the occurrence and severity of Information Security incidents.
  • To ensure that the organisation is able to continue its commercial activities in the event of significant Information Security incidents.
  • To provide suitable coverage of International Standards ISO 17799 and BS 7799.



Copyright © 1993-2001