Security Basics mailing list archives
Measuring policy compliance
From: Daryl Haines <darylhaines () liberata com>
Date: 23 Sep 2003 15:27:22 -0000
Hi, What's the most effective solution for measuring policy compliance for non-technical policies? Technical policy compliance can be measured using vulnerability assessments etc based on baselining. But how would you measure compliance for say your Acceptable Use Policy. Does anyone use scorecards? If so, is using a scorecard a good means to measuring policy compliance as opposed to standards compliance? Any thoughts on this subject would be much appreciated Thanks Daryl Haines Information Security Officer --------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- Measuring policy compliance Daryl Haines (Sep 23)