IT Security Policy Framework Approaches

How do you choose among the many IT security policy frameworks promoted by government agencies, corporations, and many others? There’s no simple answer. Your choice will depend on your industry, as well as your management view of risk and any bias within your organization. You should focus on selecting the standards that are widely accepted.

No security framework can prevent all security breaches. At some point, a security event will happen. It could be as simple as someone sharing a password with someone else or loaning a security badge to a colleague to provide (unauthorized) access to a restricted data center. Or it could be a criminal stealing customer data. Whatever the security event, an assessment ...

Get Security Policies and Implementation Issues, 3rd Edition now with the O’Reilly learning platform.

O’Reilly members experience live online training, plus books, videos, and digital content from nearly 200 publishers.