Read the original article: Exceptions to Security Policy – What are and how to deal with them?
By Yuri Braz, CISSP, CRISC, PMP Information Security, or cybersecurity, has become more relevant every day. One of the main reasons is because information has become the main asset of most companies. Thus, this information needs to be safeguarded or companies would not be able to create value for society and its shareholders. Large institutes, such as (ISC)², help to develop and democratize the information security field, so that today the majority of medium and large companies have an information security policy. An infosec policy is the first step towards risk governance, essential for the practice of due care and…
Read the original article: Exceptions to Security Policy – What are and how to deal with them?