Information Security Policy ensures:
- Protection of information from deliberate, unintentional or unauthorized acquisition or unauthorized access.
- Confidentiality and Integrity of information by protecting it from unauthorized access & modification.
- Integrity of information by protecting it from unauthorized modification.
- Availability of information to authorized users when needed.
- Compliance to regulatory, legislative and contractual requirements.
- An effective ISMS through a Risk Assessment and Management approach.
- Motivation of employees to maintain the responsibility for, ownership of and knowledge about information security, in order to minimize the risk of security incidents.