Discussion

If you were asked by your employer to develop a new Information Security Policy, where would you turn to find resources to build this policy? List the two most important items you would include in this new policy and explain why you felt these were most important. (300 words + References please)