Skip to Main Content
Information Security Policy Development for Compliance
book

Information Security Policy Development for Compliance

by Barry L. Williams
April 2016
Intermediate to advanced content levelIntermediate to advanced
152 pages
4h 9m
English
Auerbach Publications
Content preview from Information Security Policy Development for Compliance
44
InformatIon SecurIty PolIcy DeveloPment for comPlIance
Access control rules should take account of policies for information
dissemination and authorization.
A.11.1.1  Access control policy
Control: An access control policy should be established, docu-
mented, and reviewed based on business and security require-
ments for access.
A.11.2  User access management
Objective: To ensure authorized user access and to prevent unauthor-
ized access to information systems.
Formal procedures should be in place to control the allocation of
access rights to information systems and services.
e procedures should cover all stages in the life cycle of user access,
from the initial registration of new users to the nal deregistration of
users who no longe ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Start your free trial

You might also like

Writing Information Security Policies

Writing Information Security Policies

Scott Barman

Publisher Resources

ISBN: 9781466580589