Information security policy

Information security policy is the policy that governs an organization's approach to information security management.

Definitions

According to the ITIL Foundation 4e by Axelos,

Information security policy. The policy that governs an organization's approach to information security management.