Writing Information Security Policies
About the Author
Scott Barman is an information security and system architecture analyst for a Federally
Funded Research and Development Center (FFRDC) helping civilian government agencies to
be compliant with the Federal Information Security Management Act (FISMA) and maintain
their information security posture. With over 30 years of experience, Scott has helped
companies evolve from legacy systems and improve their security requirements for
commercial organizations and government agencies. For more than 20 years, which coincides
with the explosion of the Internet, Scott has focused on various areas of security and
policy development for many organizations in the Washington, D.C. area.
Inspiration for Writing Information Security Policies
came from Scott’s SANS
presentation on this topic.
Scott earned a Bachelor of Science degree from University of Georgia
and a Master of Information Systems Management
with a concetration in Information Security Management from the (now)
Carnegie Mellon University
Scott is also a contributor to the CISSP Training Guide
(ISBN 078972801X), published by Que Certification on November 19, 2002.
to read the chapter Scott contributed.