SID-ORG-01 — Information Security Policy
| Property | Value |
|---|---|
| Status | to_do |
| Owner | operator |
| Category | policy |
| CSF Function | govern |
| Group | Governance and Policy Controls |
Description
Establish, publish, and maintain an information security policy approved by management. Must cover wallet service scope, risk appetite, roles and responsibilities, and commitment to continuous improvement. Review annually or after significant changes.