After the security policy has been in the organization for some period of time – that can be anywhere from three months to a year, depending on the organization, the organization information security controls should be checked against the applicable policies. Ensure that each policy is being adhered to, as proposed, and is still applicable […]
