Join Books.org — it's free
Home > Books > Information Security Policies, Procedures, and Standards: Guidelines for Effective Security Management

Computer Security, Databases Security
Information Security Policies, Procedures, and Standards: Guidelines for Effective Security Management by Thomas R. Peltier — book cover

Information Security Policies, Procedures, and Standards: Guidelines for Effective Security Management

by Thomas R. Peltier, Peltier R. Peltier
Available on Bookshop Write a review

Books.org participates in affiliate programs including Bookshop.org and the Amazon Services LLC Associates Program. We may earn a commission from qualifying purchases made through links on this page, at no additional cost to you.

Log in to track your reading progress.

Overview

Information Security Policies and Procedures: A Practitioner’s Reference, Second Edition illustrates how policies and procedures support the efficient running of an organization. This book is divided into two parts, an overview of security policies and procedures, and an information security reference guide. This volume points out how security documents and standards are key elements in the business process that should never be undertaken to satisfy a perceived audit or security requirement. Instead, policies, standards, and procedures should exist only to support business objectives or mission requirements; they are elements that aid in the execution of management policies.

The book emphasizes how information security must be integrated into all aspects of the business process. It examines the 12 enterprise-wide (Tier 1) policies, and maps information security requirements to each. The text also discusses the need for top-specific (Tier 2) policies and application-specific (Tier 3) policies and details how they map with standards and procedures.

It may be tempting to download some organization’s policies from the Internet, but Peltier cautions against that approach. Instead, he investigates how best to use examples of policies, standards, and procedures toward the achievement of goals. He analyzes the influx of national and international standards, and outlines how to effectively use them to meet the needs of your business.

Synopsis

Information Security Policies and Procedures: A Practitioner’s Reference, Second Edition illustrates how policies and procedures support the efficient running of an organization. This book is divided into two parts, an overview of security policies and procedures, and an information security reference guide. This volume points out how security documents and standards are key elements in the business process that should never be undertaken to satisfy a perceived audit or security requirement. Instead, policies, standards, and procedures should exist only to support business objectives or mission requirements; they are elements that aid in the execution of management policies.

The book emphasizes how information security must be integrated into all aspects of the business process. It examines the 12 enterprise-wide (Tier 1) policies, and maps information security requirements to each. The text also discusses the need for top-specific (Tier 2) policies and application-specific (Tier 3) policies and details how they map with standards and procedures.

It may be tempting to download some organization’s policies from the Internet, but Peltier cautions against that approach. Instead, he investigates how best to use examples of policies, standards, and procedures toward the achievement of goals. He analyzes the influx of national and international standards, and outlines how to effectively use them to meet the needs of your business.

Reviews

There are no reviews yet. Log in to write one.

Book Details

Published
June 1, 2004
Publisher
Taylor & Francis, Inc.
Pages
408
Format
Hardcover
ISBN
9780849319587

More by Thomas R. Peltier

How to Complete a Risk Assessment in 5 Days or Less
How to Complete a Risk Assessment in 5 Days or Less
Complete Guide to CISM Certification
Complete Guide to CISM Certification
Total CISSP Exam Prep Book: Practice Questions, Answers, and Test Taking Tips and Techniques
Total CISSP Exam Prep Book: Practice Questions, Answers, and Test Taking Tips and Techniques
Information Security Policies, Procedures, and Standards: Guidelines for Effective Information Security Management
Information Security Policies, Procedures, and Standards: Guidelines for Effective Information Security Management
Information Security Risk Analysis
Information Security Risk Analysis
Information Security Policies and Procedures A Practitioner's Reference
Information Security Policies and Procedures A Practitioner's Reference
Information Security Fundamentals
Information Security Fundamentals
Policies and Procedures for Data Security : A Complete Manual for Computer Systems and Networks
Policies and Procedures for Data Security : A Complete Manual for Computer Systems and Networks
Information Security Risk Analysis, Second Edition
Information Security Risk Analysis, Second Edition

Similar books

Digital Rights Management for E-Commerce Systems
Digital Rights Management for E-Commerce Systems
Disaster Recovery: Principles and Practices
Disaster Recovery: Principles and Practices
Effective Oracle Database 10g Security by Design
Effective Oracle Database 10g Security by Design
Mastering System Center Data Protection Manager 2007
Mastering System Center Data Protection Manager 2007
Disaster Recovery Planning for Computers and Communication Resources: with Disk
Disaster Recovery Planning for Computers and Communication Resources: with Disk
Hacking Exposed, Sixth Edition: Network Security Secrets& Solutions
Hacking Exposed, Sixth Edition: Network Security Secrets& Solutions
Security in Computing
Security in Computing
CompTIA Security+ 2008 In Depth
CompTIA Security+ 2008 In Depth
Executive MBA in Information Security
Executive MBA in Information Security
The Security Risk Assessment Handbook
The Security Risk Assessment Handbook