Opinion: Security policy in the age of compliance

Setting a security policy that is both reasonable and covers off the major risk areas is a difficult task. There is evidence that employees will ignore policy that they don't see as necessary. But the security policy is an important element of a secure system, and one that is also important to IS Auditors. This article covers these issues and is the concluding part of a series of articles centered around the "Age of Compliance" Opinion: Security policy in the age of compliance