Most privately owned and publicly traded firms only give their employees access to security policies and private information. Security policies typically remain for internal use only due to the sensitive nature of their contents. However, many education entities, nonprofits, and government-affiliated institutions make these documents publicly available on their websites. For this activity, find a government organization’s general information security policy. Organizations may include federal, state, or local agencies or groups.