Book description
Information Security Law: The Emerging Standard for Corporate Compliance is designed to help companies understand this developing law of information security, the obligations it imposes on them, and the standard for corporate compliance that appears to be developing worldwide. ISO/IEC 27001, the international information security standard, should be read alongside this book.
Table of contents
- Copyright
- Preface
- About the Author
- Introduction
- 1. Security Basics: The Legal Perspective
- 2. Legal Response to Security
- 3. The General Duty to Provide Security
- 4. The Legal Standard for Compliance
- 5. Developing a Compliant Security Program
- 6. Security Controls to Consider
  - 6.1. Physical security controls
  - 6.2. Technical security controls
    - 6.2.1. Access controls
    - 6.2.2. Identification and authentication
    - 6.2.3. System and services acquisition controls
    - 6.2.4. System configuration and change management controls
    - 6.2.5. System and information integrity
    - 6.2.6. Data communications protection
    - 6.2.7. Maintenance
    - 6.2.8. System activity monitoring and audit records
  - 6.3. Administrative security controls
  - 6.4. Special rules for specific data elements
- 7. The Role of Standards
- 8. Security Breach Notification
- Appendix
- ITG Resources
Product information
- Title: Information Security Law: The Emerging Standard for Corporate Compliance
- Author(s):
- Release date: October 2008
- Publisher(s): IT Governance Publishing
- ISBN: 9781905356669