Improving Information security: the Importance of policy and procedures

Weak information security (Infosec) policies and procedures, and inappropriate user access to networks and systems, havw been identified as key risks for many government agencies. The National Cyber Security Centre (NCSC) has developed the following guidance to help agencies address these issues and improve their Infosec capability and maturity.

Improving information security: The Importance of policy and procedures