Acceptable Use Policy (AUP)
A document that outlines the dos and don’ts for users when interacting with an organizations IP systems and resources
Information Security Policies
Outlines how an organization protects its information assets from threats, both internal and external
Outlines: Data Classifications, Access Control, Encryption, Physical Security
Business Continuity
Focuses on how an organization will continue its critical operations during and after a disruption
Disaster Recovery
Focuses specifically on how an organization will recover its IT systems and data after a disaster
Incident Response
A plan for handling security incidents
Software Development Lifecycle (SDLC)
Guides how software is developed within an organization
Change Management
Aims to ensure that changes are implemented in a controlled and coordinated manner, minimizing the risk of disruptions