Building an Effective Information Security Policy Architecture

ISBN-10: 142005905X

ISBN-13: 9781420059052

Edition: 2008

Authors: Sandy Bacik

List price: $110.00

Description:

Due to the complexity of today's information technology environment, there is a need to have efficient policies and procedures in place. This book provides practical guidance for building, writing, and implementing policy architecture that fits into an organization's culture. Through questionnaires, interviews, and assessments that are based on various regulations and standards, this book demonstrates how to evaluate an organization's culture and determine its need for a strong policy architecture. After evaluation, the text presents essential concepts that are important to include in the policy architecture and gives advice on how to gain support for this policy.

Book details

List price: $110.00
Copyright year: 2008
Publisher: CRC Press LLC
Publication date: 5/20/2008
Binding: Hardcover
Pages: 360
Size: 6.46" wide x 9.61" long x 0.94" tall
Weight: 1.452

Dedication and Thanks
Preface
The Author
Introduction
History of Policy Documents
Why Do We Really Need Policies?
What Follows
The Enterprise
Policy Architecture Design Process
Setting the Reporting Structure
Determining the Mission
Strategic Plans
Summary
What Is a Policy Architecture?
Basic Document Definitions
Effective Policy Architecture
Scope of the Architecture
Top-Level Topics
Getting Ready to Start
Reviewing What Is in Place
Basic Assessment
Policy Writing Skills
A Framework or Set of Standards?
Manuals of Style
Do I Need to Create a Committee?
Initial Approvals for Information Security
Writing the Documents
Policy
Guideline
Standard
General Standard
Technical Standard
Work Instruction
User Work Instruction
IT Work Instruction
Memos
Forms
Cautions
Additional Key Policy Topics
Miscellaneous Items
Physical Security
Personnel Security
Badging
Staff
Authorized Non-Employees
Visitors
Privacy
Third Parties
Application Requirements
Putting It Together
Topics to Start With
Reviews
Project Approval
Document Approval
Support
Publishing
Updates-Effective Versioning
Acknowledgment of Understanding
Exceptions to the Information Security Policy Architecture Documentation
Crafting Communication for Maximum Effectiveness
Barriers to Effective Communication
Listening
Know Your Audience
What Is the Enterprise Standard Method of Communication?
Lunch and Learns
Written
Employee Handbook
Intranet
Informal Training
Death by PowerPoint
No Such Thing As a Stupid Question
Attention Spans
Constructive Feedback (AKA Do Not Take It Personally)
Security Monitoring and Metrics
Monitoring for Enforcement
Baselines
Routine Metrics
Reporting
Continuing to Mold Your Style Through Experience
Building for Longevity
Basic Leadership
Find a Mentor
Find Opportunities to Expand Experience
Summary
Appendices
Index