Information Security Policies, Procedures, and Standards: Guidelines for Effective Information Security Management

By definition, information security exists to protect your organization's valuable information resources. But too often information security efforts are viewed as thwarting business objectives. An effective information security program preserves your information assets and helps you meet busine...

Bibliographic details
Main author: Peltier, Thomas
Format: Book
Language: English
Published: CRC Press 2009
Online access: http://scholar.dlu.edu.vn/thuvienso/handle/DLU123456789/1316
Holding library: Thư viện Trường Đại học Đà Lạt
id oai:scholar.dlu.edu.vn:DLU123456789-1316
record_format dspace
institution Thư viện Trường Đại học Đà Lạt
collection Thư viện số
language English
description By definition, information security exists to protect your organization's valuable information resources. But too often information security efforts are viewed as thwarting business objectives. An effective information security program preserves your information assets and helps you meet business objectives. Information Security Policies, Procedures, and Standards: Guidelines for Effective Information Security Management provides the tools you need to select, develop, and apply a security program that will be seen not as a nuisance but as a means to meeting your organization's goals. Divided into three major sections, the book covers: writing policies, writing procedures, and writing standards. Each section begins with a definition of terminology and concepts and a presentation of document structures. You can apply each section separately as needed, or you can use the entire text as a whole to form a comprehensive set of documents. The book contains checklists, sample policies, procedures, standards, guidelines, and a synopsis of British Standard 7799 and ISO 17799. Peltier provides you with the tools you need to develop policies, procedures, and standards. He demonstrates the importance of a clear, concise, and well-written security program. His examination of recommended industry best practices illustrates how they can be customized to fit any organization's needs. Information Security Policies, Procedures, and Standards: Guidelines for Effective Information Security Management helps you create and implement information security procedures that will improve every aspect of your enterprise's activities.
format Book
author Peltier, Thomas
title Information Security Policies, Procedures, and Standards: Guidelines for Effective Information Security Management
publisher CRC Press
publishDate 2009
url http://scholar.dlu.edu.vn/thuvienso/handle/DLU123456789/1316
_version_ 1757658608779132928
spelling oai:scholar.dlu.edu.vn:DLU123456789-1316 2009-11-27T03:00:09Z Information Security Policies, Procedures, and Standards: Guidelines for Effective Information Security Management Peltier, Thomas
Overview: Information Protection Fundamentals Writing Mechanics and the Message * Attention Spans * Key Concepts * Topic Sentence and Thesis Statement * The Message * Writing Don'ts Policy Development * Policy Definitions * Frequently Asked Questions * Policies are Not Enough * What is a Policy * Policy Format * Policy Content * Program Policy Examples * Topic-Specific Policy Statements * Topic-Specific Subjects Mission Statement * Setting the Scope * Background on your Position * Business Goals Versus Security Goals * Computer Security Objectives * Mission Statement Format * Allocation of Information Security * Responsibilities * Mission Statement Examples * Support for the Mission Statement * Key Roles in Organizations * Business Objectives Standards * Where Does a Standard Go? * Policies are not Enough * What is a Standard * Internal Standards Writing Procedures * Definitions * Writing Commandments * Key Elements in Procedure Writing * Procedure Checklist * Getting Started * Procedure Styles * Creating a Procedure Information Classification * Assets Classification and Control * Personnel Security * Physical and Environmental Security * Computer and Network Management * Systems Access Control * Business Continuity Planning Security Awareness Program * Key Goals of an Information Security Program * Key Elements of a Security Program * Security Awareness Program Goals * Identify Current Training Needs * Security Awareness Program Development * Methods Used to Convey the Awareness Message * Presentation Key Elements * Typical Presentation Format * When to do Awareness * The Information Security Message * Information Security Self-Assessment * Video Sources Why Manage the Process as a Project * First Things First - Identify the Sponsor * Defining the Scope of Work * Time Management * Policies and Procedures Project Sample WBS * Cost Management * Planning for Quality * Managing Human Resources * Creating a Communications Plan Information Technology - Code of Practice for Information Security Management o Scope o Terms and Definitions o Information Security Policy o Organization Security o Asset Classification and Control o Personnel Security o Physical and Environmental Security o Systems Development and Maintenance o Business Continuity Planning o Compliance Review References
2009-11-27T03:00:09Z 2009-11-27T03:00:09Z 2001 Book http://scholar.dlu.edu.vn/thuvienso/handle/DLU123456789/1316 en application/octet-stream CRC Press