Анотація:
An information security policy addresses many issues such as the following:
disclosure, integrity, and availability concerns; who may access what information in
what manner; basis on which the access decision is mademaximized sharing versus
least privilege; separation of duties; who controls and who owns the information; and
authority issues.