CIS 550 Term Paper DigiNotar Part 6B
The Director of Information Security, in conjunction with the Chief Information Officer, has the authority and responsibility to establish information security policies, guidelines, and standards. DigiNotar’s security policy will document all critical information for past present and future use. This policy must be reviewed, monitored and updated on a regular basis, otherwise it will become obsolete. All policies and procedures must be documented and accessible to all individuals. There must also be documentations for all activities acknowledged by the policies and procedures. There must be a retention period of six years after its initial conception……………..