A cybersecurity policy is a set of documented guidelines, rules, and procedures that outline an organization's approach to managing and protecting its information assets and technology infrastructure from cyber threats. It defines roles, responsibilities, and security measures.