Why is it necessary to define policy elements?
Discuss the terms confidentiality, integrity and availability as they relate to information systems. Why should this be included in information systems policies?
What is the importance of aligning security policies, controls and procedures with regulations?
Do you believe that training is a necessity in the implementation of new policies? Please give reasons to support your answer.