The enforcement of an organizations IT security policies typically begins when the hard work of creating the policy and providing initial security awareness is done. How an organizations implements compliance depends largely on their governance and management structure & policies. Chapter 14 discusses legal considerations organizations should consider when enforcing security policies.
1. How can an organization use monitoring to enforce security policies?
2. What legal implications maybe encountered when an organizations attempts to enforce their security policies?
3. What is the significant difference between automated and manual policy enforcement?
4. What are some “best” practices YOU recommend for enforcing an organizations security policies?