An information security policy sets out principles and rules to protect institutional information assets, including data, systems and networks. It covers issues such as user responsibilities, password management, incident reporting and sanctions for misuse. Such policies guide technical and administrative controls to mitigate risks. Therefore, the documents described in the stem are information security policies.
Option A:
Option A, cafeteria, policy would deal with canteen operations and is unrelated to network and password use.
Option B:
Option B is correct because the focus on acceptable use of ICT resources and security incident procedures is central to an information security policy as defined in standards and guidelines.
Option C:
Option C, transportation, policy would cover commute or vehicle regulations and has no connection with ICT networks.
Option D:
Option D, alumni, policy concerns engagement with former students and not security of digital resources.
Comment Your Answer
Please login to comment your answer.
Sign In
Sign Up
Answers commented by others
No answers commented yet. Be the first to comment!