IDG Answers is a community of experts who are passionate about technology. Ask a question or answer one below.
A security policy is a document that covers the rules and practices that you want your staff to follow when working with e-mail, browsing the Web, and accessing confidential data stored in your system. A security policy can help your organisation reduce security breaches and data loss by helping employees follow through with safe and secure computing practices.
In some cases you may find your customers and/or suppliers demand that you have a security policy in place that they can review - especially if you may be formally linking into their IT systems.
Thanks and Regards,
In addition to places like IT World, I check two sites every day _ Naked Security and ThreatPost. They are both run by companies that sell security/anti-virus products, Sophos and Kaspersky respectively, but they also have a lot of up to date information and they don't just shill for their own products.