Comments on: USB port control policy http://itknowledgeexchange.techtarget.com/itanswers/usb-port-control-policy/ Fri, 24 May 2013 07:13:09 +0000 hourly 1 By: kevinbeaver http://itknowledgeexchange.techtarget.com/itanswers/usb-port-control-policy/#comment-60049 kevinbeaver Wed, 18 Feb 2009 15:23:40 +0000 #comment-60049 You definitely need to get the right people on board and determine the underlying business issues before putting a policy in place. Otherwise, it’ll just for show, people will ignore it, and it won’t be enforceable. Effective security policies have the following sections:

#Introduction
#Purpose
#Scope
#Roles and responsibilities
#Policy statement
#Exceptions
#Procedures
#Compliance
#Sanctions
#Review and evaluation
#References
#Related documents
#Revisions
#Notes

Also, check out my other articles on security policies I’ve written for TechTarget and others at http://www.principlelogic.com/policies.html.

]]>