Policy is not a place to put detailed information. it is a place to state
how management feel about the importance of security in the orgazation, and
who should execute further security practices.
Procedure is a detailed step by step on how to do things. Guidelines is a
generic approach of a specific issue. Password Policy is likely to be
correctly termed as Password guidelines or procedure depending on their
level of details.
>OK, the part about protecting/changing passwords is a given, but I wonder
>about your comment that "password structure is too detailed..."
Regards,
Leonard Ong, CISSP, CSS-1, CCSE, MCSE,
MCDBA, CCNP, CCDP, NSA, LCP
Network Security Specialist, APAC
NOKIA
Email. [EMAIL PROTECTED]
Mobile. +65 9431 6184
Phone. +65 6723 1724
Fax. +65 6723 1596
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=52336&t=52061
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
