Information Security Policies Made Easy, Version 10 is the new and updated version of the best-selling policy resource by Charles Cresson Wood, CISSP, CISA, CISM. Based on Mr. Wood's 20 years of consulting and security experience, ISPME is the most complete policy resource available. ISPME Version 10 has everything you need to build a due-care security policy environment, including:

1. A complete policy library with over 1350 individual pre-written security policies, including:
   - Coverage of the latest technical, legal and regulatory issues.
   - ISO 17799 outline format, allowing for easy gap analysis against existing standards and security frameworks.
   - Expert commentary discussing the risks mitigated by each policy.
   - Target audience (management, technical, or user) and security environment (low, medium, high) for each policy.
   - Policy coverage maps for Sarbanes-Oxley (COBIT) and HIPAA security.

2. Eighteen complete pre-written security policy documents that every company should have, updated and ready to use as is or with easy customization, including:
   - User-targeted policies such as: Electronic Mail Policy, Internet Security Policy for End Users and Web Privacy Policy.
   - Organization-wide policies such as: High-Level Security Policy, Privacy Policy, Information Ownership Policy.
   - Technology-based policies such as: Firewall Policy, Data Classification Policy and Network Security Policy.
   - Sample risk acceptance memo for the approval of out-of-compliance situations, a sample non-disclosure agreement, and a user policy acceptance agreement.

3. Expert advice on the policy development and review process, including:
   - A step-by-step checklist of policy development tasks to quickly start a policy development project.
   - Helpful tips and tricks for getting management buy-in for information security policies and education.
   - Tips and techniques for raising security policy awareness.
   - Real-world examples of problems caused by missing or poor security policies.
   - Policy development resources such as information security periodicals, professional associations and related security organizations.

4. All content available on an easy-to-use CD-ROM with an indexed and searchable HTML interface for easy location, featuring:
   - Policies available in HTML, PDF and MS Word format.
   - Easy cut-and-paste into existing corporate documents.
   - Extensive cross-references between policies that help the user quickly understand alternative solutions and complementary controls.

ISPME V10 policies cover these important security topics: Access Control; Data Classification and Control; Risk Assessments; Password and user ID management; Logging Controls; Encryption and Digital Signatures; Instant messaging, PDAs and smartphones; Personnel Security, including Security Awareness and Training; Data Privacy Management for employees and customers; Corporate governance, including Sarbanes-Oxley; Electronic mail, viruses, malicious code protection, and social engineering attacks, including phishing scams; Preventing and responding to identity theft; Network security, including wireless and Voice Over Internet Protocol (VOIP); Security, configuration, and management of firewalls; Communication Security, including telephones and FAX machines; Web site and e-commerce security; Security in 3rd party contracts, including outsourcing and off-shoring of IT projects; Document destruction, as well as retention of documents that may be used in court cases; Incident Response and Contingency planning; Telecommuting and mobile computing; Honeypots and intrusion detection systems; Effective software patch management, including Open Source software; and many others. Information Security Policies Made Easy, Version 10.0 policies are organized around the ISO/IEC 17799 Security Standard. An excellent resource: purchase a copy and register your product to receive additional updates from Information Shield.
Recipient of Computer Security Institute's Lifetime Achievement Award.
Charles Cresson Wood, CISSP, CISM, CISA is an author and independent information security consultant based in Mendocino, California. In the information security field on a full-time basis since 1979, he has worked as an information security management consultant at SRI International (formerly Stanford Research Institute) as well as lead network security consultant at Bank of America. He has done information security work with over 120 organizations, many of them Fortune 500 companies, including a large number of financial institutions and high-tech companies. His consulting work has taken him to over twenty different countries around the world.
He is noted for his ability to integrate competing objectives (like ease-of-use, speed, flexibility and security) in customized and practical compromises that are acceptable to all parties involved. Acknowledging that information security is multi-disciplinary, multi-departmental, and often multi-organizational, he is additionally noted for his ability to synthesize a large number of complex considerations and then to document these in security architectures, system security requirements, risk assessments, project plans, policy statements, and other clear and action-oriented documents.
He has published over 300 technical articles and five books in the information security field. In addition to TV and radio appearances, he has been quoted as an expert in publications such as Business Week, Christian Science Monitor, Computerworld, IEEE Spectrum, Infoworld, LA Times, Network Computing, Network World, PC Week, The Wall Street Journal, and Time. He has also presented cutting-edge information security ideas at over 100 technical and professional conferences around the globe.
Mr. Wood is Senior North American Editor for the journals "Computers & Security" and "Computer Fraud & Security Bulletin", as well as a monthly columnist for "Computer Security Alert". He holds an MBA in financial information systems, an MSE in computer science, and a BSE in accounting from the Wharton School of Business at the University of Pennsylvania. He has passed the Certified Public Accountant (CPA) examination and is both a Certified Information Systems Auditor (CISA) and a Certified Information Systems Security Professional (CISSP). In November 1996 he received the Lifetime Achievement Award from the Computer Security Institute for "sincere dedication to the computer security profession."
Here is a sampling of the over 335 security related articles by Charles Cresson Wood:
"Researchers Must Disclose All Sponsors And Potential Conflicts," Computer Security Alert, No. 197, March 2000; Publisher: Computer Security Institute, San Francisco, CA. [pub. no. 220]
"Integrated Approach Includes Information Security," Security, pp. 43-44, February 2000; Publisher: Cahners, Des Plains, IL. [pub. no. 219]
"Get Data Safety Policies In Place," American Banker, 11 February 2000, p. 7; Publisher: American Banker, New York, NY. [pub. no. 218]
"All Internet Personal Data Gathering Techniques Must Be Disclosed," Computer Security Alert, No. 196, February 2000; Publisher: Computer Security Institute, San Francisco, CA. [pub. no. 217]
"The Information Security Profession: Evolutionary Career Paths," Information Security, November 1999; Publisher: ICSA.net, Norwood, MA. [pub. no. 214]
"Disclosures Of Private Information Without Data Subject Consent," Computer Security Alert, No. 193, November 1999; Publisher: Computer Security Institute, San Francisco, CA. [pub. no. 212]
"Termination Of Outsourcing Contracts For Security Violations," Computer Security Alert, No. 191, September 1999; Publisher: Computer Security Institute, San Francisco, CA. [pub. no. 210]
"Top Ten Impediments To Implementing An Information Security Policy," Information Security, September 1999 (cover story); Publisher: Information Security, Norwood, MA. [pub. no. 209]
"A Functional Comparison Of Tandem Data Replication Software Packages," an extensive independent report prepared for customers and prospects, August 1999; Publisher: Compaq Corporation, Cupertino, CA. [pub. no. 207]
"Subjects Given Opportunity To Block Private Information Disclosures," Computer Security Alert, No. 189, June 1999; Publisher: Computer Security Institute, San Francisco, CA. [pub. no. 205]
"Use Of Personal Digital Assistants, Hand-Held Computers, And Smart Phones For Corporate Business Information," Computer Security Alert, No. 186, March 1999; Publisher: Computer Security Institute, San Francisco, CA. [pub. no. 202]
"All Systems Access Privileges Cease When Workers Terminate," Computer Security Alert, No. 185, February 1999; Publisher: Computer Security Institute, San Francisco, CA. [pub. no. 202]
"Non-Compliance And Disciplinary Action," Computer Security Alert, No. 182, November 1998; Publisher: Computer Security Institute, San Francisco, CA. [pub. no. 198]
"Convenience Versus Multi-Factor User Authentication," Computer Security Alert, No. 181, October 1998; Publisher: Computer Security Institute, San Francisco, CA. [pub. no. 196]
"Twelve New Vulnerabilities Introduced by Internet Commerce," Information Security Bulletin, September 1998 (volume 3, issue 6, cover story); Publisher: Chi Publishing Ltd., London, England. [pub. no. 195]
"All Telephone Transactions Require Positive Caller Identification," Computer Security Alert, No. 179, August 1998; Publisher: Computer Security Institute, San Francisco, CA. [pub. no. 193]
"The Truth About Masquerading and Spoofing," Network Magazine, February 1998; Publisher: Miller Freeman, San Francisco, CA. [pub. no. 183]
"Unauthorized Information Disclosure and Loss of Stock Options," Computer Security Alert, No. 173, December 1997; Publisher: Computer Security Institute, San Francisco, CA. [pub. no. 185]
"Managing Perceptions About Internet Electronic Commerce Security," Computer Security, Audit & Control, February 1997; Publisher: Management Advisory Services Publications, Wellesley Hills, MA. [pub. no. 165]
"Information Security: Are We Winning the Game?" Computer Fraud & Security Bulletin, January 1997; Publisher: Elsevier Science Technology, Oxford, England. [pub. no. 162]
"Encryption for Files Left on Anonymous FTP Servers," Computer Security Alert, No. 163, October 1996; Publisher: Computer Security Institute, San Francisco, CA. [pub. no. 159]
"Encryption Systems Must Include Key Escrow," Computer Security Alert, No. 157, April 1996; Publisher: Computer Security Institute, San Francisco, CA. [pub. no. 152]
"Cryptography Plays Central Role in Future Electronic Commerce," Computer Fraud & Security Bulletin, March 1996, pp. 9-10; Publisher: Elsevier Science Technology, Oxford, England. [pub. no. 151]
"Users Must Not Attempt to Eradicate Viruses," Computer Security Alert, No. 156, March 1996; Publisher: Computer Security Institute, San Francisco, CA. [pub. no. 150]
"EDP Audit Must Be Independent of Information Security," Computer Security Alert, No. 155, February 1996; Publisher: Computer Security Institute, San Francisco, CA. [pub. no. 147]
"Reliance on Information Downloaded From Internet," Computer Security Alert, No. 153, December 1995; Publisher: Computer Security Institute, San Francisco, CA. [pub. no. 145]
"When to Report Computer Crimes to Law Enforcement," Computer Security Alert, No. 151, October 1995; Publisher: Computer Security Institute, San Francisco, CA. [pub. no. 141]
"New Intellectual Property and the Need for Information Security," Computer Fraud & Security Bulletin, September 1995, pp. 18-19; Publisher: Elsevier Science Ltd., Oxford, England. [pub. no. 139]
"Require Approval for Official Statements Posted to the Internet," Computer Security Alert, No. 149, August 1995; Publisher: Computer Security Institute, San Francisco, CA. [pub. no. 136]
"Internet Anarchy and the Effectiveness of Laws," Computerworld, 12 June 1995. Expanded version also appears as "Need for Worldwide Internet Laws," in Computer Fraud & Security Bulletin, p.10, July 1995, Elsevier Science Publishers, Oxford, England. [pub. no. 133]
"ISO 9000 and Information Security," Computers & Security, vol. 14, no. 4, pp. 287-288, October 1995; Publisher: Elsevier Science Publishers, Oxford, England (co-author Karen Snow). [pub. no. 131]
"Why SATAN Should Not Have Been Distributed As It Was," Computer Security Alert, No. 146, May 1995; Publisher: Computer Security Institute, San Francisco, CA. [pub. no. 128]
"Destroy Archived Electronic Mail Periodically," Computer Security Alert, No. 142, January 1995; Publisher: Computer Security Institute, San Francisco, CA. [pub. no. 124]
"Wireless Network Security," Proceedings of Wireless Datacom '94 Conference held in Washington, DC, 6-8 December 1994; Publisher: Business Communications Review, Hinsdale, IL. [pub. no. 122]
"Fifty Ways to Secure Dial-Up Communications," Computers & Security, May 1994, vol. 13, no. 3, pp. 209-215; Publisher: Elsevier Advanced Technology, Oxford, England. [pub. no. 118]
"Identity Token Usage at American Commercial Banks," Computer Fraud & Security Bulletin, March 1995, pp. 14-16; Publisher: Elsevier Science Publishers, Oxford, England. [pub. no. 114]
"Security Problems in Collaborative Computing," Network World, October 1994; Publisher: International Data Group, Framingham, MA. [pub. no. 113]
"The Newest Threat to Information Security: Open Book Management," EDPACS, August 1994; Publisher: Warren Gorham Lamont, Boston, MA. [pub. no. 110]
"Principles of Secure Information Systems Design with Groupware Examples," Proceedings of the Groupware '92 Conference, held in San Jose, California, 3-5 August 1992; Publisher: Morgan Kaufmann Publishers, San Mateo, CA. [pub. no. 75]
"A Strategy for Developing Information Security Documents," Journal of Information Systems Security, vol. 1, issue 2, Summer 1992, pp. 71-78; Publisher: Auerbach Publishers, New York, NY (co-author: Juhani Saari). [pub. no. 68]
"Using Information Security to Achieve Competitive Advantage," Proceedings of the 18th Annual CSI Conference, Miami, Florida, November 11-15, 1991; Publisher: Computer Security Institute, San Francisco, CA. [pub. no. 58]
"Data Dictionaries and Information Security," Proceedings of SECURICOM '84 International Conference, Cannes, France, 29 February - 2 March 1984, pp. 55-63; Publisher: SEDEP, Paris, France. [pub. no. 24]
"International Barriers to Information Flows," SRI International Business Intelligence Report, Report #1057, March 1981; Publisher: SRI International, Menlo Park, CA. [pub. no. 10]
"Computer Crime: Criminal Justice Resource Manual," with Parker, Donn B., Publisher: U.S. Government Printing Office, Washington, DC; prepared for U.S. Department of Justice; order no. 1979-311-379/1710, 1979. [pub. no. 1]
Books Written by Charles Cresson Wood:
Information Security Policies Made Easy [a book of 1300+ already-written policies provided in both hardcopy and CD-ROM], now in its 11th edition, 2010; Publisher: Information Shield, Houston, TX, USA; ISBN# 1-881585-16-9.
Information Security Roles & Responsibilities Made Easy provides practical, step-by-step instructions on how to develop specific information security roles and responsibilities. It includes 40 different job descriptions, 24 organizational mission statements, 15 alternative reporting relationships, and the most comprehensive set of already-written information security roles & responsibilities documents available anywhere. Publisher: NetIQ Corporation, San Jose, USA; ISBN# 1-881585-08-5.
Best Practices in Internet Commerce Security [derived from a survey of Internet merchants, Internet service providers (ISPs), Internet commerce hosting firms, Internet Trusted Third Parties (TTPs), and Internet commerce software vendors], 1998; Publisher: NetIQ Corporation, San Jose, CA, USA; ISBN# 1-881585-05-0.
How to Handle Internet Electronic Commerce Security: Risks, Controls & Product Guide [a guide for the design and specification of Internet security measures], released in 1996; Publisher: NetIQ Corporation, San Jose, CA, USA; ISBN# 1-881585-03-4.
Effective Information Security Management [a book of tools and techniques for dealing with information security problems], 1991; Publisher: Elsevier Advanced Technology, Oxford, England; ISBN# 1-85617-070-5.
Computer Security: A Comprehensive Controls Checklist [a book detailing standard control practices, particularly useful for audits and reviews], 1987; Publisher: John Wiley & Sons, New York, NY, USA; ISBN# 0-471-84795-X.
Consulting Services Include:
Information systems risk analysis and EDP audits
Enterprise-wide information security policy development
Organizational infrastructure for information security
Customized security solutions for cutting-edge application systems
Security design reviews for Internet commerce merchants and banks
Network security architecture compilation and documentation
Expert witness testimony and strategy for computer crime trials
Training and awareness program development and presentation
As a matter of policy, Mr. Wood does not accept referral fees, marketing finder's fees, sales commissions, or any other financial remuneration for mentioning information security products or services to clients. In this way he can be truly independent and make recommendations that are unquestionably in the best interests of consulting clients.