33 lines
1.1 KiB
Markdown
33 lines
1.1 KiB
Markdown
---
|
||
title: "Global Information Security Policy (GISP)"
|
||
type: concept
|
||
tags:
|
||
- OpenText
|
||
- Security-Policy
|
||
- Governance
|
||
last_updated: 2026-04-14
|
||
---
|
||
|
||
# Global Information Security Policy (GISP)
|
||
|
||
## Definition
|
||
OpenText 的最高纲领性安全政策,是所有其他安全政策的根基。GISP 由全球信息安全团队(GIS)制定和支持,定期(每季度)接受领导层审查。
|
||
|
||
## Scope
|
||
- 定义企业"需要做什么"(what),同时为"如何实施"(how)提供灵活性
|
||
- 支持性政策(Supporting Policies)围绕 GISP 构建
|
||
- 鼓励反馈以实现持续改进
|
||
|
||
## Relationship to Other Concepts
|
||
- 基于 [[ISO-27001]] 姿态框架
|
||
- 与 [[Security-Awareness-Training]] 配合提升全员安全意识
|
||
- 与 [[Third-Party-Penetration-Testing]] 配合验证政策有效性
|
||
|
||
## Key Quote
|
||
> "Policies define what needs to be done, while providing flexibility for how it is implemented." — GIS Policy Framework
|
||
|
||
## Connections
|
||
- [[Global Information Security Team (GIS)]]:制定与维护团队
|
||
- [[ISO-27001]]:框架基础
|
||
- [[OpenText]]:所属组织
|