Corporate Information Security Policies have grown into unwieldy documents of 50 pages or more. While these are the core of your Security Awareness Program, no users outside of the Security Department could understand what is said. Learn how to make these policies concise and useful to your user community and how to explain the document to your auditors.