---
title: "Global Information Security Policy (GISP)"
type: concept
tags:
  - OpenText
  - Security-Policy
  - Governance
last_updated: 2026-04-14
---

# Global Information Security Policy (GISP)

## Definition
OpenText 的最高纲领性安全政策，是所有其他安全政策的根基。GISP 由全球信息安全团队（GIS）制定和支持，定期（每季度）接受领导层审查。

## Scope
- 定义企业"需要做什么"（what），同时为"如何实施"（how）提供灵活性
- 支持性政策（Supporting Policies）围绕 GISP 构建
- 鼓励反馈以实现持续改进

## Relationship to Other Concepts
- 基于 [[ISO-27001]] 姿态框架
- 与 [[Security-Awareness-Training]] 配合提升全员安全意识
- 与 [[Third-Party-Penetration-Testing]] 配合验证政策有效性

## Key Quote
> "Policies define what needs to be done, while providing flexibility for how it is implemented." — GIS Policy Framework

## Connections
- [[Global Information Security Team (GIS)]]：制定与维护团队
- [[ISO-27001]]：框架基础
- [[OpenText]]：所属组织