1.1 KiB
1.1 KiB
title, type, tags, last_updated
| title | type | tags | last_updated | |||
|---|---|---|---|---|---|---|
| Global Information Security Policy (GISP) | concept |
|
2026-04-14 |
Global Information Security Policy (GISP)
Definition
OpenText 的最高纲领性安全政策,是所有其他安全政策的根基。GISP 由全球信息安全团队(GIS)制定和支持,定期(每季度)接受领导层审查。
Scope
- 定义企业"需要做什么"(what),同时为"如何实施"(how)提供灵活性
- 支持性政策(Supporting Policies)围绕 GISP 构建
- 鼓励反馈以实现持续改进
Relationship to Other Concepts
- 基于 ISO-27001 姿态框架
- 与 Security-Awareness-Training 配合提升全员安全意识
- 与 Third-Party-Penetration-Testing 配合验证政策有效性
Key Quote
"Policies define what needs to be done, while providing flexibility for how it is implemented." — GIS Policy Framework
Connections
- Global Information Security Team (GIS):制定与维护团队
- ISO-27001:框架基础
- OpenText:所属组织