O'Reilly logo

Information Security and IT Risk Management by Eric Pierce, Alex Campoe, Manish Agrawal

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

CHAPTER 13 Policies, Standards, and Guidelines

Introduction

In earlier chapters, we took a broad look at the hazards and challenges organizations face when their businesses depend on data networks. Whether a government agency or private firm, all organizations face similar security challenges – how to best protect assets without impairing productivity and the bottom line. We also looked at various protective measures to protect assets, primarily performed by trained system administrators. We also looked at recommended procedures for reacting to adverse events, thereby controlling damage and minimizing the impact upon the organization.

In this chapter, we will step away from the technical world and discuss administrative mechanisms available to security analysts and system administrators. These mechanisms allow security administrators to guide the behaviors of IT users in the organization in a manner that reduces easily avoidable security hazards. Without these mechanisms, system administrators would spend enormous amounts of time fixing security problems that should not have occurred in the first place, at significant costs to the organization.

At the end of the chapter, you should be able to:

  • Understand the difference between security and compliance requirements
  • Distinguish between policies, standards, and procedures
  • Understand the life cycle of a policy
  • Identify a set of policies considered “a must” for any organization

Guiding principles

The administrative mechanisms used ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required