LOGBOOK

HELP

Quiz Entry - updated: 2026.06.04

Which documents make up the information security documentation family, from strategy down to log files?

Six layers: IS strategy, Enterprise IS Policy, issue-specific policies, system-specific policies, guidelines/one-pagers, and operational documentation.

  1. Strategie der Informationssicherheit — how security supports the business long-term
  2. Enterprise Information Security Policy — goals, organization, approach (Ziele, Organisation, Vorgehen)
  3. Issue Specific Security Policy — per topic, e.g. cyber crime, fire
  4. System Specific Security Policy — per system class, e.g. data center, network, end devices
  5. Guidelines, OnePagers etc. — user directives, evacuation plan, backup rules, password rules, checklists
  6. Dokumentation — network plans, protocols, log files

The pattern: each level gets more concrete and changes more frequently. The strategy changes with the business (years); guidelines change with technology (months); log files are produced continuously.

Tip: Level 6 is evidence, not rules — documentation proves the upper levels are lived. Auditors read policies, then ask for the logs.

From Quiz: ISM / Policies, Concepts & Guidelines | Updated: Jun 04, 2026