Hi Thor, You've mentioned that Policies are non-specific, however AIO (Shon Harris) mentions the categorisation of the policies as Organisational, Issue Specific & System Specific. Are you trying to say non vendor/ technology specific when you say "non-specific" over here?
Are you sure she said policy not procedure? In the words of ISC2: Policy: Documents published and promulgated by senior management dictating and describing the organization’s strategic goals.
Hi Thor, You've mentioned that Policies are non-specific, however AIO (Shon Harris) mentions the categorisation of the policies as Organisational, Issue Specific & System Specific. Are you trying to say non vendor/ technology specific when you say "non-specific" over here?
Are you sure she said policy not procedure?
In the words of ISC2: Policy: Documents published and promulgated by senior management dictating and describing the organization’s strategic goals.