In today's digital age, protecting information assets is critical to maintain organizations’ digital sovereignty. Yet existing research offers limited guidance on creating effective, actionable advice in information security policies (ISPs) that instructs employees on how to carry out their tasks and contribute to protecting information assets. Addressing this gap, the aim of this paper is to propose a definition of actionable advice. A clear definition can aid in designing ISPs and enhance communication with employees, guiding them in the expected behavior to protect the organization’s information assets. The research question guiding this work is: how can actionable advice be defined in information security policies? To achieve this aim, the definition is informed by a literature review and analysis of 47 ISPs from public agencies in Sweden. The proposed definition of actionable advice is: a demarcated part of an ISP, that instructs someone on a task to execute or not to execute regarding information security, and, in case of execution, how to carry out the task. The definition of actionable advice provides researchers with a starting point to understand this term, helping advancing future studies on ISPs. This work also has practical implications for ISP developers, offering guidance on writing pieces of actionable advice that are concrete and directly applicable in employees' daily tasks to protect their organizations.