Information Security Policy Development for Compliance

Information Security Policy Development for Compliance
Author :
Publisher : CRC Press
Total Pages : 155
Release :
ISBN-10 : 9781482209648
ISBN-13 : 1482209640
Rating : 4/5 (640 Downloads)

Book Synopsis Information Security Policy Development for Compliance by : Barry L. Williams

Download or read book Information Security Policy Development for Compliance written by Barry L. Williams and published by CRC Press. This book was released on 2013-04-25 with total page 155 pages. Available in PDF, EPUB and Kindle. Book excerpt: Although compliance standards can be helpful guides to writing comprehensive security policies, many of the standards state the same requirements in slightly different ways. Information Security Policy Development for Compliance: ISO/IEC 27001, NIST SP 800-53, HIPAA Standard, PCI DSS V2.0, and AUP V5.0 provides a simplified way to write policies that meet the major regulatory requirements, without having to manually look up each and every control. Explaining how to write policy statements that address multiple compliance standards and regulatory requirements, the book will help readers elicit management opinions on information security and document the formal and informal procedures currently in place. Topics covered include: Entity-level policies and procedures Access-control policies and procedures Change control and change management System information integrity and monitoring System services acquisition and protection Informational asset management Continuity of operations The book supplies you with the tools to use the full range of compliance standards as guides for writing policies that meet the security needs of your organization. Detailing a methodology to facilitate the elicitation process, it asks pointed questions to help you obtain the information needed to write relevant policies. More importantly, this methodology can help you identify the weaknesses and vulnerabilities that exist in your organization. A valuable resource for policy writers who must meet multiple compliance standards, this guidebook is also available in eBook format. The eBook version includes hyperlinks beside each statement that explain what the various standards say about each topic and provide time-saving guidance in determining what your policy should include.


Information Security Policy Development for Compliance Related Books

Information Security Policy Development for Compliance
Language: en
Pages: 155
Authors: Barry L. Williams
Categories: Business & Economics
Type: BOOK - Published: 2013-04-25 - Publisher: CRC Press

DOWNLOAD EBOOK

Although compliance standards can be helpful guides to writing comprehensive security policies, many of the standards state the same requirements in slightly di
Information Security
Language: en
Pages: 261
Authors: Timothy P. Layton
Categories: Computers
Type: BOOK - Published: 2016-04-19 - Publisher: CRC Press

DOWNLOAD EBOOK

Organizations rely on digital information today more than ever before. Unfortunately, that information is equally sought after by criminals. New security standa
Building a Practical Information Security Program
Language: en
Pages: 204
Authors: Jason Andress
Categories: Business & Economics
Type: BOOK - Published: 2016-10-03 - Publisher: Syngress

DOWNLOAD EBOOK

Building a Practical Information Security Program provides users with a strategic view on how to build an information security program that aligns with business
Information Security Policies, Procedures, and Standards
Language: en
Pages: 157
Authors: Douglas J. Landoll
Categories: Business & Economics
Type: BOOK - Published: 2017-03-27 - Publisher: CRC Press

DOWNLOAD EBOOK

Information Security Policies, Procedures, and Standards: A Practitioner's Reference gives you a blueprint on how to develop effective information security poli
Information Security Policies, Procedures, and Standards
Language: en
Pages: 255
Authors: Thomas R. Peltier
Categories: Business & Economics
Type: BOOK - Published: 2016-04-19 - Publisher: CRC Press

DOWNLOAD EBOOK

By definition, information security exists to protect your organization's valuable information resources. But too often information security efforts are viewed