Security Policy
Security policies in organizations are very important especially when it comes to the idea of ensuring that organizations perform effectively and without the fear of being intimidated in terms of insecurity (Safa, & Furnell, 2016). This, therefore, calls for the need to impose strict policies by the organization to ensure that there is no loophole and that can result in insecurity cases happening to the organization. Strict security policy and its related interpretation refer to a case whereby no security controls exist not unless they are generally directed by the same policy. On the other end, a lesser strict policy interpretation is a case whereby it allows some security to exercise some discretion to possibly implement best practices and that may not end up being explicitly defined in the security policy (Moody, & Pahnila, 2018). In my own opinion, therefore, I would prefer the less strict interpretation as it seems better placed for any organization that focuses to come up with the best security policies. This grants the organization to be able to implement the best practices and allowing its employees to follow them to the latter. Either way, any organization would like to give the best in terms of its security policies so that its operations are not affected by security issues.
References
Moody, & Pahnila, (2018). Toward a unified model of information security policy compliance. MIS Quarterly, 42(1).
Safa, & Furnell, (2016). Information security policy compliance model in organizations. computers & security, 56, 70-82.