Order Instructions Part 1: Issue-Specific Security Policies NIST SP 800-12 Rev 1 recommends three types of information security policies to help organizations create, maintain, and develop an effective Information Security Program, with the objective of reducing risks, complying with laws and regulations, assuring operational continuity, and applying informational confidentiality, […]