Skip to Main Content
Information Security Policy Development for Compliance
book

Information Security Policy Development for Compliance

by Barry L. Williams
April 2016
Intermediate to advanced content levelIntermediate to advanced
152 pages
4h 9m
English
Auerbach Publications
Content preview from Information Security Policy Development for Compliance
49
InformatIon SecurIty PolIcy DeveloPment for comPlIance
A.12.1.1  Security requirements analysis and specication
Control: Statements of business requirements for new informa-
tion systems or enhancements to existing information systems
shall specify the requirements for security controls.
A.12.2  Correct
 pr
ocessing
 in ap
plications
Objective: To prevent errors, loss, unauthorized modication, or mis-
use of information in applications.
Appropriate controls should be designed into applications, including
user-developed applications, to ensure correct processing. ese con-
trols should include the validation of input data, internal processing,
and output data.
Additional controls may be required for systems that process, or have
an impact on, sensi ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Start your free trial

You might also like

Writing Information Security Policies

Writing Information Security Policies

Scott Barman

Publisher Resources

ISBN: 9781466580589