International Journal of Advanced Research in Computer Engineering & Technology
In this paper, fundamental issues for developing information security policies are proposed. Information security is an important issue in today's organization from the business point of view. Information security management can no more be done by merely a set of hardware and software. The top-level information security policy is a key component of the organizations overall information security management framework. It should be considered as detailed information security documentation including, system level security policies, security guidance and protocols or procedures. The development of information security policy for an organization is a huge task, because it shall be based on mutually agreed visible signs, practices and images, values, basic assumptions and functions.