Cynation’s Shadi Razak at TechUK – How to write an information security policy1 min read


On Friday, June 3rd, CyNation delivered a well received training at Tech UK on how to write an information security policy. The course covered the main misconceptions companies, and those responsible, have when it comes to writing their policies.

One common mistake is the often adopted bottom up approach, trying to patch various policies together, instead of taking a top to bottom approach, establishing key objectives and then breaking it down into detailed policies. The course also explored various methods of writing a security policy such as the bullseye and 10 step method. Many other topics were discussed, i.e. how often policies should be reviewed and updated and how companies can ensure that policies are actually read and understood – the hardest bit.

We thank attendants for their active contributions and the good feedback we received.

Look out for more lectures from CyNation.

United Kingdom

+44 020 3190 5000

The Rain Cloud Victoria
76 Vincent Square
London, SW1P 2PD


The Hague Security Delta
Wilhelmina van Pruisenweg 104
2595 AN Den Haag

Newsletter Signup

%d bloggers like this: