This chapter defined foundational ISS concepts and key terms. You learned about the key tenets of ISS management to ensure confidentiality, integrity, availability, authentication, and nonrepudiation. Additionally, you read that information systems security (ISS) and information assurance (IA) are two separate but similar concepts. Associated with IA and ISS is governance. Governance ensures people are following the rules, such as policies, regulations, standards, and procedures. You also read about the importance of quality control and quality assurance.

There are several situations when security policies are to be considered. Opportunities include:

  • New business processes
  • Changes in current business processes
  • Business ...

Get Security Policies and Implementation Issues, 3rd Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.