Information Security Policies Made Easy Version 12
Book Details
Description
The most complete information security policy library available, ISPME contains over 1500 pre-written information security policies covering over 200 security topics and organized in ISO 27002 format. Take the work out of creating, writing, and implementing security policies.
1. Complete information security policy statement library
1500 individual pre-written security policies covering of the latest technical, legal and regulatory issues
ISO 17799:2005 (ISO 27002) outline format, allowing for easy gap-analysis against existing standards and security frameworks
Expert commentary discussing the risks mitigated by each policy
Target audience (management, technical, or user) and security environment (low, medium, high) for each policy
Policy coverage maps for Sarbanes-Oxley (COBIT), PCI-DSS, FISMA and HIPAA-HiTECH security
2. Thirty-eight (38) essential sample security policy documents:
MS-Word format ready to use as-is or with easy customization
Acceptable use policies such as: Electronic Mail Policy, Internet Security Policy for End Users and Web Privacy Policy
Organization-wide policies such as: High-Level Security Policy, Privacy policy, Information Ownership Policy
Technology-based policies such as: Firewall Policy, Data Classification Policy and Network Security Policy
3. Expert information security policy development advice and tools
A step-by-step checklist of security policy development tasks to quickly start a policy development project
Helpful tips and tricks for getting management buy-in for information security policies and education
Tips and techniques for raising security policy awareness
Real-world examples of problems caused by missing or poor information security policies
Information security policy development resources such as Information Security Periodicals, professional associations and related security organizations
Essential forms such as Risk acceptance memo, incident Reporting Form and Agreement to Abide by Policies
4. Easy-to-Use Digital Files
Sample Security Policies available in both PDF and MS-Word format, with an indexed and searchable PDF interface
Easy cut-and-paste into existing corporate documents
Extensive cross-references between policies that help the user quickly understand alternative solutions and complimentary controls
5.Comprehensive Information Security Policy Coverage
Information Security Policies Made Easy covers over 200 essential information security topics including:
Access Control, Acceptable Use, Application Development, Biometrics, Computer emergency response teams, Computer viruses, Contingency planning, Corporate Governance, Data Classification and Labeling, Data Destruction, Digital signatures, Economic Espionage, Electronic commerce, Electronic mail, Employee surveillance, Encryption, Firewalls, FAX communications, Incident Response, Identity Theft, Information Ownership, Information Security Related Terrorism, Internet, Local area networks, Intranets, Logging controls, Microcomputers, Mobile Devices, Network Security, Outsourcing security functions, Password Management, Personnel Screening and Security, Portable computers (PDA, Laptops), Physical Security, Privacy issues, Security Roles and Responsibilities, Social Engineering (including phishing) SPAM Prevention, Telecommuting, Telephone systems, Third Party Access, User security training, Web Site Security, Wireless Security, Voice Over IP (VOIP), And many more!
More Books by Charles Cresson Wood
