Slide 1 1 Session 3 – Information Security Policies Slide 2 2 General - background How to establish security requirements –Risk assessments –Legal, statutory requirements…