An information security policy is a principle or rule to guide decisions and achieve rational outcome(s) in Information Security.


European e-Competence Framework: e-CF area D. Enable and e-CF area E. Manage.


Professional profile: