MARC details
| 008 - FIXED-LENGTH DATA ELEMENTS--GENERAL INFORMATION |
|---|
| fixed length control field |
120322s2002 flua b 001 0 eng |
| 010 ## - LIBRARY OF CONGRESS CONTROL NUMBER |
|---|
| LC control number |
2001045194 |
| 020 ## - INTERNATIONAL STANDARD BOOK NUMBER |
|---|
| International Standard Book Number |
0849311373 (pbk. : alk. paper) |
| 020 ## - INTERNATIONAL STANDARD BOOK NUMBER |
|---|
| International Standard Book Number |
9780849311376 (pbk. : alk. paper) |
| 035 ## - SYSTEM CONTROL NUMBER |
|---|
| System control number |
(Sirsi) u8156 |
| 040 ## - CATALOGING SOURCE |
|---|
| Original cataloging agency |
EG-CaNU |
| Transcribing agency |
EG-CaNU |
| Modifying agency |
EG-CaNU |
| 042 ## - AUTHENTICATION CODE |
|---|
| Authentication code |
ncode |
| 082 04 - DEWEY DECIMAL CLASSIFICATION NUMBER |
|---|
| Classification number |
005.8 |
| Edition number |
21 |
| 100 1# - MAIN ENTRY--PERSONAL NAME |
|---|
| Personal name |
Peltier, Thomas R. |
| 9 (RLIN) |
1361 |
| 245 10 - TITLE STATEMENT |
|---|
| Title |
Information security policies, procedures, and standards : |
| Remainder of title |
guidelines for effective information security management / |
| Statement of responsibility, etc. |
Thomas R. Peltier. |
| 260 ## - PUBLICATION, DISTRIBUTION, ETC. |
|---|
| Place of publication, distribution, etc. |
Boca Raton : |
| Name of publisher, distributor, etc. |
Auerbach Publications, |
| Date of publication, distribution, etc. |
c2002. |
| 300 ## - PHYSICAL DESCRIPTION |
|---|
| Extent |
xiv, 297 p. : |
| Other physical details |
ill. ; |
| Dimensions |
26 cm. |
| 504 ## - BIBLIOGRAPHY, ETC. NOTE |
|---|
| Bibliography, etc. note |
Includes bibliographical references and index. |
| 505 0# - FORMATTED CONTENTS NOTE |
|---|
| Formatted contents note |
Introduction -- Writing Mechanics and the Message -- Attention Spans -- Key Concepts -- Topic Sentence and Thesis Statement -- The Message -- Writing Don'ts -- Summary -- Policy Development -- Introduction -- Policy Definitions -- Frequently Asked Questions -- Polices are Not Enough -- What is a Policy -- Policy Format -- Policy Content -- Program Policy Examples -- Topic-Specific Policy Statements -- Additional Hints -- Topic-Specific Subjects -- Things to Remember -- Additional Examples -- Standards -- Introduction -- Where Does a Standard Go? -- Policies are not Enough -- What is a Standard -- Security Organization -- Assets Classification and Control -- Personnel Security -- Physical and Environmental Security -- Computer and Network Management -- Systems Access Control -- Business Continuity Planning -- Compliance -- Writing Procedures -- Introduction -- Definitions -- Writing Commandants -- Key Elements in Procedure Writing -- Procedure Checklist -- Getting Started -- Procedure Styles -- Creating a Procedure -- Summary -- Security Awareness Program -- Introduction -- Key Goals of an Information Security Program -- Key Elements of a Security Program -- Security Awareness Program Goals -- Identify Current Training Needs -- Security Awareness Program Development -- Methods Used to Convey the Awareness Message -- Presentation Key Elements -- Typical Presentation Format -- When to do Awareness -- The Information Security Message -- Information Security Self-Assessment -- Video Sources -- Why Manage the Process as a Project -- Introduction -- First Things First - Identify the Sponsor -- Defining the Scope of Work -- Time Management -- Policies and Procedures Project Sample WBS -- Cost Management -- Planning for Quality -- Managing Human Resources -- Creating a Communications Plan -- Summary -- Mission Statement -- Setting the Scope -- Background on your Position -- Business Goals Versus Security Goals -- Computer Security Objectives -- Mission Statement Format -- Allocation of Information Security Responsibilities -- Mission Statement Examples -- Support for the Mission Statement -- Key Roles in Organizations -- Business Objectives -- Review -- Information Technology - Code of Practice for Information Security Management -- Scope -- Terms and Definitions -- Information Security Policy -- Organization Security -- Asset Classification and Control -- Personnel Security -- Physical and Environmental Security -- Systems Development and Maintenance -- Business Continuity Planning -- Compliance -- Review -- References. |
| 520 ## - SUMMARY, ETC. |
|---|
| Summary, etc. |
By definition, information security exists to protect your organization's valuable information resources. But too often information security efforts are viewed as thwarting business objectives. An effective information security program preserves your information assets and helps you meet business objectives. Information Security Policies, Procedures, and Standards: Guidelines for Effective Information Security Management provides the tools you need to select, develop, and apply a security program that will be seen not as a nuisance but as a means to meeting your organization's goals. Divided into three major sections, the book covers: writing policies, writing procedures, and writing standards. Each section begins with a definition of terminology and concepts and a presentation of document structures. You can apply each section separately as needed, or you can use the entire text as a whole to form a comprehensive set of documents. The book contains checklists, sample policies, procedures, standards, guidelines, and a synopsis of British Standard 7799 and ISO 17799. Peltier provides you with the tools you need to develop policies, procedures, and standards. He demonstrates the importance of a clear, concise, and well-written security program. His examination of recommended industry best practices illustrates how they can be customized to fit any organization's needs. Information Security Policies, Procedures, and Standards: Guidelines for Effective Information Security Management helps you create and implement information security procedures that will improve every aspect of your enterprise's activities. |
| 596 ## - |
|---|
| -- |
1 |
| 650 #0 - SUBJECT ADDED ENTRY--TOPICAL TERM |
|---|
| Topical term or geographic name entry element |
Computer security. |
| 9 (RLIN) |
14853 |
| 650 #0 - SUBJECT ADDED ENTRY--TOPICAL TERM |
|---|
| Topical term or geographic name entry element |
Data protection. |
| 9 (RLIN) |
14854 |
| 650 #0 - SUBJECT ADDED ENTRY--TOPICAL TERM |
|---|
| Topical term or geographic name entry element |
Sécurité informatique |
| 9 (RLIN) |
14855 |
| 650 #0 - SUBJECT ADDED ENTRY--TOPICAL TERM |
|---|
| Topical term or geographic name entry element |
Protection de l’information (Informatique) |
| 9 (RLIN) |
14856 |