Book description
Information Security Law: The Emerging Standard for Corporate Compliance is designed to help companies understand this developing law of information security, the obligations it imposes on them, and the standard for corporate compliance that appears to be developing worldwide. ISO/IEC 27001, the international information security standard, should be read alongside this book.
Table of contents
- Copyright
- Preface
- About the Author
- Introduction
- 1. Security Basics: The Legal Perspective
- 2. Legal Response to Security
- 3. The General Duty to Provide Security
- 4. The Legal Standard for Compliance
- 5. Developing a Compliant Security Program
- 6. Security Controls to Consider
  - 6.1. Physical security controls
  - 6.2. Technical security controls
    - 6.2.1. Access controls
    - 6.2.2. Identification and authentication
    - 6.2.3. System and services acquisition controls
    - 6.2.4. System configuration and change management controls
    - 6.2.5. System and information integrity
    - 6.2.6. Data communications protection
    - 6.2.7. Maintenance
    - 6.2.8. System activity monitoring and audit records
  - 6.3. Administrative security controls
  - 6.4. Special rules for specific data elements
- 7. The Role of Standards
- 8. Security Breach Notification
- Appendix
- ITG Resources
Product information
- Title: Information Security Law: The Emerging Standard for Corporate Compliance
- Author(s):
- Release date: October 2008
- Publisher(s): IT Governance Publishing
- ISBN: 9781905356669