Information Security Policies, Procedures, and Standards: Guidelines for Effective Information Security Management
By definition, information security exists to protect your organization's valuable information resources. But too often information security efforts are viewed as thwarting business objectives. An effective information security program preserves your information assets and helps you meet business objectives. Information Security Policies, Procedures, and Standards: Guidelines for Effective Information Security Management provides the tools you need to select, develop, and apply a security...
Search in google:
By definition, information security exists to protect your organization's valuable information resources. But too often information security efforts are viewed as thwarting business objectives. An effective information security program preserves your information assets and helps you meet business objectives. Information Security Policies, Procedures, and Standards: Guidelines for Effective Information Security Management provides the tools you need to select, develop, and apply a security program that will be seen not as a nuisance but as a means to meeting your organization's goals.Divided into three major sections, the book covers: writing policies, writing procedures, and writing standards. Each section begins with a definition of terminology and concepts and a presentation of document structures. You can apply each section separately as needed, or you can use the entire text as a whole to form a comprehensive set of documents. The book contains checklists, sample policies, procedures, standards, guidelines, and a synopsis of British Standard 7799 and ISO 17799.Peltier provides you with the tools you need to develop policies, procedures, and standards. He demonstrates the importance of a clear, concise, and well-written security program. His examination of recommended industry best practices illustrates how they can be customized to fit any organization's needs. Information Security Policies, Procedures, and Standards: Guidelines for Effective Information Security Management helps you create and implement information security procedures that will improve every aspect of your enterprise's activities. Booknews Walks through the key structure elements of a written information protection policy, and reviews some typical policy contents. The guide illustrates how to develop the related standards, procedures, and guidelines for implementing the policy. Each chapter provides advice on the structural mechanics of the various documents as well as an example of each form. The classification of information is also covered. The appendices contain a policy baseline checklist, sample corporate policies, and sample security policies. Annotation c. Book News, Inc., Portland, OR (booknews.com)
AcknowledgmentsIntroduction1Overview: Information Protection Fundamentals12Writing Mechanics and the Message133Policy Development214Mission Statement535Standards696Writing Procedures837Information Classification1078Security Awareness Program1499Why Manage This Process as a Project?16110Information Technology: Code of Practice for Information Security Management17511Review187App. A: Policy Baseline Checklist195App. B: Sample Corporate Policies205App. C: List of Acronyms215App. D: Sample Security Policies225App. E: Job Descriptions255App. F: Security Assessment261App. G: References285About the Author287Index289
\ Walks through the key structure elements of a written information protection policy, and reviews some typical policy contents. The guide illustrates how to develop the related standards, procedures, and guidelines for implementing the policy. Each chapter provides advice on the structural mechanics of the various documents as well as an example of each form. The classification of information is also covered. The appendices contain a policy baseline checklist, sample corporate policies, and sample security policies. Annotation c. Book News, Inc., Portland, OR (booknews.com)\ \
