Book description
Administrators, more technically savvy than their managers, have started to secure the networks in a way they see as appropriate. When management catches up to the notion that security is important, system administrators have already altered the goals and business practices. Although they may be grateful to these people for keeping the network secure, their efforts do not account for all assets and business requirements Finally, someone decides it is time to write a security policy. Management is told of the necessity of the policy document, and they support its development. A manager or administrator is assigned to the task and told to come up with something, and fast! Once security policies are written, they must be treated as living documents. As technology and business requirements change, the policy must be updated to reflect the new environment--at least one review per year. Additionally, policies must include provisions for security awareness and enforcement while not impeding corporate goals. This book serves as a guide to writing and maintaining these all-important security policies.
Table of contents
- Copyright
- About the Author
- About the Technical Reviewers
- Acknowledgments
- Tell Us What You Think
- Introduction
- Starting the Policy Process
- Writing the Security Policies
- Maintaining the Policies
-
Appendixes
- Glossary
-
Resources
- Incident Response Teams
- Other Incident Response Information
- Virus Protection
- Vendor-Specific Security Information
- Security Information Resources
- Security Publications
- Industry Consortia and Associations
- Hacker and “Underground” Organizations
- Health Insurance Portability and Accountability Act
- Survivability
- Cryptography Policies and Regulations
- Security Policy References
- Sample Policies
Product information
- Title: Writing Information Security Policies
- Author(s):
- Release date: November 2001
- Publisher(s): Sams
- ISBN: 157870264X
You might also like
book
Information Security Policies, Procedures, and Standards
This book supplies a blueprint on how to develop effective information security policies and procedures. It …
book
Managing Information Security, 2nd Edition
Managing Information Security offers focused coverage of how to protect mission critical systems, and how to …
book
Security Policies and Implementation Issues, 3rd Edition
PART OF THE NEW JONES & BARTLETT LEARNING INFORMATION SYSTEMS SECURITY & ASSURANCE SERIES Security Policies …
book
Security Policies and Implementation Issues, 2nd Edition
PART OF THE NEW JONES & BARTLETT LEARNING INFORMATION SYSTEMS SECURITY & ASSURANCE SERIES Security Policies …