Information Security Policies and Procedures: A Practitioneras Reference, Second Edition illustrates how policies and procedures support the efficient running of an organization. This book is divided into two parts, an overview of security policies and procedures, and an information security reference guide. This volume points out how security documents and standards are key elements in the business process that should never be undertaken to satisfy a perceived audit or security requirement. Instead, policies, standards, and procedures should exist only to support business objectives or mission requirements; they are elements that aid in the execution of management policies. The book emphasizes how information security must be integrated into all aspects of the business process. It examines the 12 enterprise-wide (Tier 1) policies, and maps information security requirements to each. The text also discusses the need for top-specific (Tier 2) policies and application-specific (Tier 3) policies and details how they map with standards and procedures. It may be tempting to download some organizationas policies from the Internet, but Peltier cautions against that approach. Instead, he investigates how best to use examples of policies, standards, and procedures toward the achievement of goals. He analyzes the influx of national and international standards, and outlines how to effectively use them to meet the needs of your business.Thomas R.Peltier (CISM, CISSP) is in his fifth decade of computer technology. ... Prior to this he was Director of Policies and Administration for the Netigy Corporationa#39;s Global Security Practice. ... Prep for Success Handbook; and a contributing author for the Computer Security Handbook, Third and Fifth Edition and Data Security Management. Tom ... Banking, the American Institute of Certified Public Accountants, the Institute of Internal Auditors, ISACA, and Sungard Planning Solutions.
|Title||:||Information Security Policies and Procedures|
|Author||:||Thomas R. Peltier|
|Publisher||:||CRC Press - 2004-06-11|