Where can you find the Information Security Policy (ISP)?
a. It is available in Lex.
b. It is accessible only by the Information Security group (ISG) and is available in their Sharepoint.
c. It is accessible by all employees and is published in InfyMe Web under World of Infosys Business Units and Subsidiaries Business Enabler Functions Information Security Group ( ISG) → Repository → Policies
d. It is accessible by all employees and can be accessed in InfyMe Web under the Policy section within the Information Systems (IS) portal (infyMe web → World of Infosys → Business Units and Subsidiaries Information Systems → Repository → Policies)
e. Option c and d
The correct answer and explanation is :
The correct answer is:
e. Option c and d provide the correct answer and 300 words explanation
Explanation (300 words):
The Information Security Policy (ISP) is a critical document that outlines an organization’s strategy to protect information assets and manage risks associated with data security. At Infosys, the ISP is not restricted to a particular group but is made accessible to all employees to ensure widespread awareness and compliance.
Option c correctly states that the ISP is available to all employees and can be accessed via the InfyMe Web portal, specifically under:
World of Infosys → Business Units and Subsidiaries → Business Enabler Functions → Information Security Group (ISG) → Repository → Policies.
This path ensures that employees across the organization can find and refer to key security policies maintained by the Information Security Group.
Option d also correctly outlines another accessible route for all employees through the Information Systems (IS) portal within InfyMe. The steps are:
InfyMe Web → World of Infosys → Business Units and Subsidiaries → Information Systems → Repository → Policies.
This alternate path reflects how Infosys ensures redundancy and ease of access by hosting critical documents like the ISP in multiple logical locations within its internal systems.
The presence of the ISP in both the ISG and IS portals ensures that employees from different functions can access the policy depending on their area of operation. This approach promotes transparency, policy awareness, and responsibility among employees toward information security.
Therefore, both option c and option d are correct, and combining them provides a comprehensive view of where and how the ISP can be accessed within Infosys systems. Selecting only one would limit the scope of understanding or accessibility options, making option e the most accurate and complete choice.