Michael Overly of CSO Online put together a fantastic point-by-point explanation of how to draft more effective security policies.
It's a quick and dirty summation of key points you should consider in your policy creation process. In brief, they include:
Do you have an effective security policy?
To continue with this topic, the FTC also put together a list of 5 key issues your data security plan should address (see the tutorial on their website). This plan only talks about data security - not a comprehensive security policy - but since it was of a related topic, I thought I'd also share their tips!
Here are some of our past posts on security policies: