Information security policies, procedures, and standards : a practitioner's reference
By: Landoll, Douglas J
Material type: BookPublisher: Boca Raton : CRC Press, Taylor & Francis Group, c2016.Description: xiv, 240 p. : ill. ; 25 cm.ISBN: 9781482245899Program: ISIT937Subject(s): Business -- Data processing -- Security measures | Data protection | Computer securityDDC classification: 658.4/78Item type | Home library | Call number | Status | Date due | Barcode | Item holds |
---|---|---|---|---|---|---|
REGULAR | University of Wollongong in Dubai Main Collection | 658.478 LA IN (Browse shelf) | Available | T0055214 | ||
REGULAR | University of Wollongong in Dubai Main Collection | 658.478 LA IN (Browse shelf) | Available | T0055215 |
Includes bibliographical references and index.
Information Security Policies, Procedures, and Standards: A Practitioner's Reference gives you a blueprint on how to develop effective information security policies and procedures. It uses standards such as NIST 800-53, ISO 27001, and COBIT, and regulations such as HIPAA and PCI DSS as the foundation for the content. Highlighting key terminology, policy development concepts and methods, and suggested document structures, it includes examples, checklists, sample policies and procedures, guidelines, and a synopsis of the applicable standards.
IntroductionNo Short CutsTop-Down SecurityCurrent State of Information Security Policy SetsEffectiveness of Information Security Policy SetsExercisesInformation Security Policy BasicsInformation Security Policy TypesExercisesInformation Security Policy FrameworkInformation Security Policy Sets without FrameworksInformation Security Policy Sets with FrameworksCommon Information SPFsTailoring Information SPFsDeriving a Policy Set from a FrameworkExercisesInformation Security Policy DetailsFront MatterPolicy StatementsSpecific Information Security PoliciesPolicy Document ExamplesExercisesInformation Security Procedures and StandardsLess Formal Language and StructureVarious Purposes of the Standard and GuidelineInformation Security ProceduresExercisesInformation Security Policy ProjectsScoping the ProjectInformation Security Policy Project RolesInformation Security Policy Project PhasesInformation Security Policy Revision ProjectInformation Security Policy Project ApplicationExercisesAppendicesExample Policies (FISMA Framework)Example Departmental PolicyTailoring Guide.
ISIT937