It is very important that the participants understand no only what security policies and directives are but also what they are for, reducing errors, improving the flow of activities and involving the participants better. Unlike other activities in this manual, the present chapter is more of an expository nature and less interactive. To the extent that the facilitator feels comfortable, it is recommended to design an activity that manages to introduce the concepts.
Currently, most organizations use technology within their processes, this technology inevitably has vulnerabilities and is prone to fail or be abused. The idea of this policy is to provide safe use guidelines to the entry points of any member of the team, both at the level of devices and services on the Internet to protect the organization in the best possible way.
In any kind of organization, it's natural to arrange large amounts of highly sensitive information. The idea behind this policy is to establish a set of strategies to ensure both the physical information and the integrity of the equipment. This policy is one of the most linked daily basis tasks since it considers activities that must be carried out during the entire working day.