It is a?framework of policies and procedures for systematically managing?an organization’s sensitive data.External and internal issues, birli well as interested parties, need to be identified and considered. Requirements may include regulatory issues, but they may also go far beyond.They will identify weaknesses and outline what changes you need