Information Security Policies, Procedures, and Standards: Guidelines for Effective Information Security Management

ISBN-10: 0849311373

ISBN-13: 9780849311376

Edition: 2001

Description: Providing the mechanics for policy, procedure, and standards development, Information Security Policies, Procedures, and Standards: Guidelines for Effective Information Security Management shows the reader what to look for when developing an enterprise's procedures. It examines the recommended industry standards and shows how to customize them to fit specific needs. Three major sections cover: writing policies, writing procedures, and writing standards. Each section can be used separately when needed, or as a whole to develop a comprehensive set of documents. The book contains checklists, sample policies, procedures, standards, guidelines, and a synopsis of the relevant BS 7799 and ISO 17799 standards.

Book details

List price: $104.95
Copyright year: 2001
Publisher: Auerbach Publishers, Incorporated
Publication date: 12/20/2001
Binding: Paperback
Pages: 312
Size: 7.25" wide x 10.25" long x 1.00" tall
Weight: 1.430
Language: English

Peltier has numerous years of field experience in corporate information security, and is a member of the Advisory Council of the Computer Security Institute (CSI).

Acknowledgments
Introduction
Overview: Information Protection Fundamentals
Elements of Information Protection
More Than Just Computer Security
Roles and Responsibilities
Common Threats
Policies and Procedures
Risk Management
Typical Information Protection Program
Summary
Writing Mechanics and the Message
Attention Spans
Key Concepts
Topic Sentence and Thesis Statement
The Message
Writing Don't's
Summary
Policy Development
Policy Definitions
Frequently Asked Questions
Policies Are Not Enough: A Preliminary Look at Standards, Guidelines, and Procedures
Policy, Standards, Guidelines, and Procedures: Definitions and Examples
Policy Key Elements
Policy Format and Basic Policy Components
Policy Content Considerations
Program Policy Examples
Topic-Specific Policy Examples
Additional Hints
Topic-Specific Policy Subjects to Consider
An Approach for Success
Additional Examples
Summary
Mission Statement
Background on Your Position
Business Goals versus Security Goals
Computer Security Objectives
Mission Statement Format
Allocation of Information Security Responsibilities (ISO 17799-4.1.3)
Mission Statement Examples
Support for the Mission Statement
Key Roles in Organizations
Business Objectives
Review
Standards
Where Does a Standard Go?
What Is a Standard?
International Standards
Summary
Writing Procedures
Definitions
Writing Commandments
Key Elements in Procedure Writing
Procedure Checklist
Getting Started
Procedure Styles
Creating a Procedure
Summary
Information Classification
Introduction
Why Classify Information
What Is Information Classification?
Establish a Team
Developing the Policy
Resist the Urge to Add Categories
What Constitutes Confidential Information
Classification Examples
Declassification or Reclassification of Information
Information Classification Methodology
Authorization for Access
Summary
Security Awareness Program
Key Goals of an Information Security Program
Key Elements of a Security Program
Security Awareness Program Goals
Identify Current Training Needs
Security Awareness Program Development
Methods Used to Convey the Awareness Message
Presentation Key Elements
Typical Presentation Format
When to Do Awareness
The Information Security Message
Information Security Self-Assessment
Conclusion
Why Manage This Process as a Project?
First Things First--Identify the Sponsor
Defining the Scope of Work
Time Management
Cost Management
Planning for Quality
Managing Human Resources
Creating a Communications Plan
Summary
Information Technology: Code of Practice for Information Security Management
Scope
Terms and Definitions
Information Security Policy
Organization Security
Asset Classification and Control
Personnel Security
Physical and Environmental Security
Communications and Operations Management
Access Control Policy
Systems Development and Maintenance
Business Continuity Planning
Compliance
Review
Appendices
Policy Baseline Checklist
Policy Baseline
Sample Corporate Policies
Conflict of Interest
Employee Standards of Conduct
External Corporate Communications
Information Protection
General Security
List of Acronyms
Sample Security Policies
Network Security Policy
Business Continuity Planning
Dial-In Access
Access Control
Communications Security Policy
Software Development Policy
System and Network Security Policy
Electronic Communication Policy
Sign-On Banner
Standards of Conduct for Electronic Communications
E-Mail Access Policy
Internet E-Mail
Software Usage
Job Descriptions
Chief Information Officer (CIO)
Information Security Manager
Security Administrator
Firewall Administrator, Information Security
Security Assessment
Security Policy
Organizational Suitability
Physical Security
Business Impact Analysis, Continuity Planning Processes
Technical Safeguards
Telecommunications Security
References
About the Author
Index