Amazon cover image
Image from Amazon.com
Image from Google Jackets

Information security policies, procedures, and standards : guidelines for effective information security management / Thomas R. Peltier.

By: Material type: TextTextPublication details: Boca Raton : Auerbach Publications, c2002.Description: xiv, 297 p. : ill. ; 26 cmISBN:
  • 0849311373 (pbk. : alk. paper)
  • 9780849311376 (pbk. : alk. paper)
Subject(s): DDC classification:
  • 005.8   21
Contents:
Introduction -- Writing Mechanics and the Message -- Attention Spans -- Key Concepts -- Topic Sentence and Thesis Statement -- The Message -- Writing Don'ts -- Summary -- Policy Development -- Introduction -- Policy Definitions -- Frequently Asked Questions -- Polices are Not Enough -- What is a Policy -- Policy Format -- Policy Content -- Program Policy Examples -- Topic-Specific Policy Statements -- Additional Hints -- Topic-Specific Subjects -- Things to Remember -- Additional Examples -- Standards -- Introduction -- Where Does a Standard Go? -- Policies are not Enough -- What is a Standard -- Security Organization -- Assets Classification and Control -- Personnel Security -- Physical and Environmental Security -- Computer and Network Management -- Systems Access Control -- Business Continuity Planning -- Compliance -- Writing Procedures -- Introduction -- Definitions -- Writing Commandants -- Key Elements in Procedure Writing -- Procedure Checklist -- Getting Started -- Procedure Styles -- Creating a Procedure -- Summary -- Security Awareness Program -- Introduction -- Key Goals of an Information Security Program -- Key Elements of a Security Program -- Security Awareness Program Goals -- Identify Current Training Needs -- Security Awareness Program Development -- Methods Used to Convey the Awareness Message -- Presentation Key Elements -- Typical Presentation Format -- When to do Awareness -- The Information Security Message -- Information Security Self-Assessment -- Video Sources -- Why Manage the Process as a Project -- Introduction -- First Things First - Identify the Sponsor -- Defining the Scope of Work -- Time Management -- Policies and Procedures Project Sample WBS -- Cost Management -- Planning for Quality -- Managing Human Resources -- Creating a Communications Plan -- Summary -- Mission Statement -- Setting the Scope -- Background on your Position -- Business Goals Versus Security Goals -- Computer Security Objectives -- Mission Statement Format -- Allocation of Information Security Responsibilities -- Mission Statement Examples -- Support for the Mission Statement -- Key Roles in Organizations -- Business Objectives -- Review -- Information Technology - Code of Practice for Information Security Management -- Scope -- Terms and Definitions -- Information Security Policy -- Organization Security -- Asset Classification and Control -- Personnel Security -- Physical and Environmental Security -- Systems Development and Maintenance -- Business Continuity Planning -- Compliance -- Review -- References.
Summary: By definition, information security exists to protect your organization's valuable information resources. But too often information security efforts are viewed as thwarting business objectives. An effective information security program preserves your information assets and helps you meet business objectives. Information Security Policies, Procedures, and Standards: Guidelines for Effective Information Security Management provides the tools you need to select, develop, and apply a security program that will be seen not as a nuisance but as a means to meeting your organization's goals. Divided into three major sections, the book covers: writing policies, writing procedures, and writing standards. Each section begins with a definition of terminology and concepts and a presentation of document structures. You can apply each section separately as needed, or you can use the entire text as a whole to form a comprehensive set of documents. The book contains checklists, sample policies, procedures, standards, guidelines, and a synopsis of British Standard 7799 and ISO 17799. Peltier provides you with the tools you need to develop policies, procedures, and standards. He demonstrates the importance of a clear, concise, and well-written security program. His examination of recommended industry best practices illustrates how they can be customized to fit any organization's needs. Information Security Policies, Procedures, and Standards: Guidelines for Effective Information Security Management helps you create and implement information security procedures that will improve every aspect of your enterprise's activities.
Tags from this library: No tags from this library for this title. Log in to add tags.
Star ratings
    Average rating: 0.0 (0 votes)
Holdings
Item type Current library Call number Copy number Status Date due Barcode
Books Books Main library General Stacks 005.8 / PE. I 2002 (Browse shelf(Opens below)) 1 Available 010978

Includes bibliographical references and index.

Introduction -- Writing Mechanics and the Message -- Attention Spans -- Key Concepts -- Topic Sentence and Thesis Statement -- The Message -- Writing Don'ts -- Summary -- Policy Development -- Introduction -- Policy Definitions -- Frequently Asked Questions -- Polices are Not Enough -- What is a Policy -- Policy Format -- Policy Content -- Program Policy Examples -- Topic-Specific Policy Statements -- Additional Hints -- Topic-Specific Subjects -- Things to Remember -- Additional Examples -- Standards -- Introduction -- Where Does a Standard Go? -- Policies are not Enough -- What is a Standard -- Security Organization -- Assets Classification and Control -- Personnel Security -- Physical and Environmental Security -- Computer and Network Management -- Systems Access Control -- Business Continuity Planning -- Compliance -- Writing Procedures -- Introduction -- Definitions -- Writing Commandants -- Key Elements in Procedure Writing -- Procedure Checklist -- Getting Started -- Procedure Styles -- Creating a Procedure -- Summary -- Security Awareness Program -- Introduction -- Key Goals of an Information Security Program -- Key Elements of a Security Program -- Security Awareness Program Goals -- Identify Current Training Needs -- Security Awareness Program Development -- Methods Used to Convey the Awareness Message -- Presentation Key Elements -- Typical Presentation Format -- When to do Awareness -- The Information Security Message -- Information Security Self-Assessment -- Video Sources -- Why Manage the Process as a Project -- Introduction -- First Things First - Identify the Sponsor -- Defining the Scope of Work -- Time Management -- Policies and Procedures Project Sample WBS -- Cost Management -- Planning for Quality -- Managing Human Resources -- Creating a Communications Plan -- Summary -- Mission Statement -- Setting the Scope -- Background on your Position -- Business Goals Versus Security Goals -- Computer Security Objectives -- Mission Statement Format -- Allocation of Information Security Responsibilities -- Mission Statement Examples -- Support for the Mission Statement -- Key Roles in Organizations -- Business Objectives -- Review -- Information Technology - Code of Practice for Information Security Management -- Scope -- Terms and Definitions -- Information Security Policy -- Organization Security -- Asset Classification and Control -- Personnel Security -- Physical and Environmental Security -- Systems Development and Maintenance -- Business Continuity Planning -- Compliance -- Review -- References.

By definition, information security exists to protect your organization's valuable information resources. But too often information security efforts are viewed as thwarting business objectives. An effective information security program preserves your information assets and helps you meet business objectives. Information Security Policies, Procedures, and Standards: Guidelines for Effective Information Security Management provides the tools you need to select, develop, and apply a security program that will be seen not as a nuisance but as a means to meeting your organization's goals. Divided into three major sections, the book covers: writing policies, writing procedures, and writing standards. Each section begins with a definition of terminology and concepts and a presentation of document structures. You can apply each section separately as needed, or you can use the entire text as a whole to form a comprehensive set of documents. The book contains checklists, sample policies, procedures, standards, guidelines, and a synopsis of British Standard 7799 and ISO 17799. Peltier provides you with the tools you need to develop policies, procedures, and standards. He demonstrates the importance of a clear, concise, and well-written security program. His examination of recommended industry best practices illustrates how they can be customized to fit any organization's needs. Information Security Policies, Procedures, and Standards: Guidelines for Effective Information Security Management helps you create and implement information security procedures that will improve every aspect of your enterprise's activities.

1

There are no comments on this title.

to post a comment.