New Riders Publishing
ISBN 1-5787-0264-X
216 pages
Does your organization have an information security policy? If so, is it up to date? Information security is more than installing a firewall. You need to know what you are protecting. That is what the information security policies can do. Policies are the guidelines that can be used to determine what security measures your organization should employ.
Writing successful information security policies also requires proper planning. Writing Information Security Policies is the only book of its kind that helps you in the process by explaining what you need to know in order to write your organization’s information security policies.
Few references will provide the answer of what a good policy document is and even fewer will help you write one. Although nearly every reference says that a good policy should be the basis for every successful security program, over 60 percent of companies do not have policies, or they have policies that are out of date. This book targets those who want to write effective security policies but are not sure how.
About Writing Information Security Policies
- The Dedication
- Errata:
- Page 58, enumerated list, item 2:
“Dyanmic Host Resolution Protocol…” should read “Dyanmic Host Configuration Protocol….”
- Page 58, enumerated list, item 2:
- Extended Table of Contents
- Sample Information Security Policies from Appendix C:
- The listing from InformIT (New Riders) including:
- Translations
- Articles and reviews:
- Articles written by Scott Barman
- UnixReview book review by Ben Rothke. (sorry, dead link)
- Review by Rob Slade posted to comp.risks.
- Review in Technical Communicaion Online by Seyoum “Zeg” Zegiorgis. (sorry, dead link)
- Help Net Security review by Berislav Kucan.
- Scott is interviewed by Mirko Zorz of Help Net Security.
- About.com review by Tom Bradley.