Definition Edit

A computer security policy refers to

[s]enior management's directives that create a computer security program, establish its goals, and assign responsibilities. The term 'policy' is also used to refer to the specific security rules for particular systems. Policy may also refer to entirely different matters, such as the specific managerial decisions setting an organization's e-mail privacy policy or fax security policy.[1]
[t]he high-level policy for the security services that are to be supported by a computer for protecting its applications, stored data, and communications, and the rules to be followed in verifying user identities and authorizing their requests before they are granted.[2]

References Edit

  1. DM3595-001, at 6.
  2. NIST Special Publication 800-152, at 127.

Ad blocker interference detected!

Wikia is a free-to-use site that makes money from advertising. We have a modified experience for viewers using ad blockers

Wikia is not accessible if you’ve made further modifications. Remove the custom ad blocker rule(s) and the page will load as expected.