discussion cybersecurity planning amp management 1

If you were asked by your employer to develop a new Information Security Policy, where would you turn to find resources to build this policy? List the two most important items you would include in this new policy and explain why you felt these were most important.