Abstract:
This paper discusses the importance of information policy within organizations to perform with a high level of information system security. It explores the challenges that are facing organizations in dealing with different threats, especially the inside one. This paper also examines different procedures, which support information policy effectiveness and make it more aligned with information security. It is necessary to discover a comprehensive system that fits with the culture of the organization and make it as fundamental core of its philosophy.