Security policies are a collection of documents that define how an organization addresses security, and often include areas such as security risk management, business continuity, and other security areas that need to be specifically defined within each organization.
