Develop Security Awareness Programs › Educate the Security System Users › Communicate the Security Policy

Communicate the Security Policy

In order for the security policy, or document of security objectives to be understood and accepted within the organization, it must be effectively communicated to all users. It is recommended that you use a combination of the following methods of communication:

• Global Distribution: Global distribution of the physical document to all users. The document can be included with your organization’s personnel policies and procedures manual.
• Formal Presentations: Formal presentation of security objectives to all users. This can be included with CA Top Secret training.
• Performance Review Checklist: Inclusion of adherence to security policy in the job performance review checklist.

You must make clear to each user the position the organization takes on security issues and the responsibilities of each user toward the security program.