State the scope of security policy
The scope of security policy depends on aspects such as the size of the Intranet site, type of information hosted on it, and the number of users accessing the site. Each policy is based on a number of parameters like the companies' business rules, objectives, Intranet type, content, and existing security infrastructure. It should be noted that a security policy made for some other Intranet cannot be used for a different intranet by merely changing the name.