Information Security Policy Development for Compliance

by Barry L. Williams
April 2016
Content level: Intermediate to advanced
152 pages
4h 9m
English
Auerbach Publications
Content preview from Information Security Policy Development for Compliance
1 Entity-Level Policies and Procedures
Information Security Policy Management
Describe management’s commitment to develop and maintain formal, documented, and approved information security policies and procedures that encompass information values, information protection, and an overall organizational commitment.
ISO/IEC 27001 A.5.1.1 L001
A.6.1.1 L002
NIST SP 800-53 PS-1 L003
HIPAA Standard 164.316(a) L004
PCI DSS V2.0 12.1 thru 12.9.6 L005
AUP V5.0 B.1 L006
Define the individual or group assigned the responsibility of ensuring that the information security policy is regularly reviewed, documented, and approved. This assignment should be defined in the ...

Publisher Resources

ISBN: 9781466580589