Deciding on the need for encryption solutions is seen as part of an overall process that includes risk assessment and the definition of other management tasks.
The organization has established a general encryption policy that is always followed when protecting information using encryption.
Encryption policy defines:
Our organization has defined policies for creating, storing, sharing, and deleting encryption keys.
Encryption key lengths and usage practices will be selected in accordance with best general practices by monitoring developments in the industry.