Information Security Policy
Information security policy is a document that defines information security for an organization.
- to comply with this requirement:
- have policy in place
- provide proof that it is followed
- Proper documentation includes:
- emails, tickets from ticketing system, and files