Information Security Policies and Procedures and over one million other books are available for Amazon Kindle. Learn more

Quantity:

Buy New


	Amazon Prime Free Trial required. Sign up when you check out. Learn More

Buy Used

Used - Good See details

$61.91 & this item ships for FREE with Super Saver Shipping. Details

Fulfilled by Amazon

Kindle Edition Read the Kindle edition on Kindle, iPhone, iPad, Android, BlackBerry, PC and Mac.

Sell Back Your Copy

For a $21.57 Gift Card

Learn more

More Buying Choices

Have one to sell? Sell yours here

Share your own customer images

Search inside this book

Start reading Information Security Policies and Procedures on your Kindle in under a minute.

Don't have a Kindle? Get your Kindle here, or download a FREE Kindle Reading App.

Information Security Policies and Procedures: A Practitioner's Reference, Second Edition [Hardcover]

Thomas R. Peltier (Author)

3.7 out of 5 stars See all reviews (7 customer reviews) |

List Price:	$102.95
Price:	$79.21 & this item ships for FREE with Super Saver Shipping. Details
Deal Price:
You Save:	$23.74 (23%)
	Special Offers Available
	o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o

In Stock.
Ships from and sold by Amazon.com. Gift-wrap available.

Want it delivered Tuesday, January 31? Choose One-Day Shipping at checkout. Details

FREE Two-Day Shipping for Students. Learn more

	Amazon Price	New from	Used from
Kindle Edition	$51.99	--	--
Hardcover	$79.21	--	--
See # more hardcovers
Show fewer hardcovers
Paperback	--	--	--

Sell Back Your Copy for $21.57

Whether you buy it used on Amazon for $60.00 or somewhere else, you can sell it back through our Book Trade-In Program at the current price of $21.57.

Used Price$60.00
Trade-in Price$21.57

Price after
Trade-in$38.43

› See more product promotions

Book Description

ISBN-10: 0849319587 | ISBN-13: 978-0849319587 | Publication Date: May 20, 2004 | Edition: 2

Information Security Policies and Procedures: A Practitioner’s Reference, Second Edition illustrates how policies and procedures support the efficient running of an organization. This book is divided into two parts, an overview of security policies and procedures, and an information security reference guide. This volume points out how security documents and standards are key elements in the business process that should never be undertaken to satisfy a perceived audit or security requirement. Instead, policies, standards, and procedures should exist only to support business objectives or mission requirements; they are elements that aid in the execution of management policies.

The book emphasizes how information security must be integrated into all aspects of the business process. It examines the 12 enterprise-wide (Tier 1) policies, and maps information security requirements to each. The text also discusses the need for top-specific (Tier 2) policies and application-specific (Tier 3) policies and details how they map with standards and procedures.

It may be tempting to download some organization’s policies from the Internet, but Peltier cautions against that approach. Instead, he investigates how best to use examples of policies, standards, and procedures toward the achievement of goals. He analyzes the influx of national and international standards, and outlines how to effectively use them to meet the needs of your business.

#outer_postBodyPS { display: none; } #psGradient { display: none; } #psPlaceHolder { display: none; } #psExpand { display: none; } Information Security Policies and Procedures: A Practitioner’s Reference, Second Edition illustrates how policies and procedures support the efficient running of an organization. This book is divided into two parts, an overview of security policies and procedures, and an information security reference guide. This volume points out how security documents and standards are key elements in the business process that should never be undertaken to satisfy a perceived audit or security requirement. Instead, policies, standards, and procedures should exist only to support business objectives or mission requirements; they are elements that aid in the execution of management policies.

Special Offers and Product Promotions

Buy $50 in qualifying physical textbooks, get $5 in Amazon MP3 Credit. Here's how (restrictions apply)

Frequently Bought Together

Security Policies and Procedures: Principles and Practices

Price For All Three: $254.57

Show availability and shipping details

Buy the selected items together

This item: Information Security Policies and Procedures: A Practitioner's Reference, Second Edition by Thomas R. Peltier Hardcover $79.21

In Stock.
Ships from and sold by Amazon.com.
This item ships for FREE with Super Saver Shipping. Details
Guide to Disaster Recovery by Michael Erbschloe Paperback $83.97

In Stock.
Ships from and sold by Amazon.com.
This item ships for FREE with Super Saver Shipping. Details
Security Policies and Procedures: Principles and Practices by Sari Greene Paperback $91.39

In Stock.
Ships from and sold by Amazon.com.
This item ships for FREE with Super Saver Shipping. Details

Customers Who Bought This Item Also Bought

Guide to Disaster Recovery by Michael Erbschloe
4.0 out of 5 stars (2)

$83.97
Security Policies and Procedures: Principles and P... by Sari Greene
3.5 out of 5 stars (4)

$91.39
Network Security: Private Communication in a P... by Charlie Kaufman
4.6 out of 5 stars (18)

$56.36
Database Security and Auditing: Protecting D... by Hassan A. Afyouni
3.0 out of 5 stars (4)

$92.07
Cyberethics: Morality and Law in Cyberspace,... by Richard Spinello
2.4 out of 5 stars (5)

$52.58
HOWTO Secure and Audit Oracle 10g and 11g by Ron Ben-Natan
3.3 out of 5 stars (3)

$62.96

Editorial Reviews

Review

The path to information security is a long one, but in this book author Thomas Peltier makes the scenery attractive along the way. Peltier walks the reader through [the text] with clarity, completeness, and humor.
- Security Management, June 2005

Product Details

Hardcover: 448 pages
Publisher: Auerbach Publications; 2 edition (May 20, 2004)
Language: English
ISBN-10: 0849319587
ISBN-13: 978-0849319587
Product Dimensions: 9.2 x 6.4 x 1.1 inches
Shipping Weight: 1.5 pounds (View shipping rates and policies)

Average Customer Review: 3.7 out of 5 stars See all reviews (7 customer reviews)

Amazon Best Sellers Rank: #203,512 in Books (See Top 100 in Books)

Would you like to update product info or give feedback on images?

More About the Author

› Visit Amazon's Thomas R. Peltier Page

Discover books, learn about writers, read author blogs, and more.

Customer Reviews

7 Reviews

5 star:		(4)
4 star:		(0)
3 star:		(1)
2 star:		(1)
1 star:		(1)

Average Customer Review

3.7 out of 5 stars (7 customer reviews)

Share your thoughts with other customers:

Create your own review

Most Helpful Customer Reviews

6 of 6 people found the following review helpful:

5.0 out of 5 stars Practical Policy Reference, May 19, 2005

Anthony Lai Cheuk Tung "Anthony LAI, CISSP, C... (Hong Kong SAR) - See all my reviews

This review is from: Information Security Policies and Procedures: A Practitioner's Reference, Second Edition (Hardcover)

This is a useful book for me to reference, especially when I deal with challenges in security policy framework review. The most impressive pages include the tier 1-2-3 framework, proper wordings in policy, policy sample studies and analysis, complete checklist and questionnaire.

After reading this book or on-and-off reference, I always remember four major elements in a policy:
1. Topic
2. Scope
3. Responsibility
4. Compliance

In addition, I have shared this book with an IT supervisor, he always go for this book for the team reference. I do feel happy to recommend it. Moreover, it readily happens to me I could apply the hints and tips from this book to the revised policy. Meanwhile, compared with the company's policy, it is undoubted organized and logical.

Be honest, in reality, many people still always mix up policy, standard and procedures as well as guidelines and produce a "Spaghetti-like" document to deal with auditor and compliance once a year only, you could say, many companies treat it as a last-minute homework.

Help other customers find the most helpful reviews

Was this review helpful to you? Yes No

Report abuse | Permalink

Comment Comment

10 of 12 people found the following review helpful:

3.0 out of 5 stars Spend Your Money Elsewhere, April 12, 2002

By A Customer

Amazon Verified Purchase(What's this?)

This review is from: Information Security Policies and Procedures: A Practitioner's Reference (Paperback)

While this is a good reference, it's value does not match its price. The entire book in not included on the CD and the book does not include a "complete" set of policies. It is certainly enough to get you started, but not enough to complete the task.

If you are considering buying a used copy from an amazon marketplace seller as I did, be careful. The pages did not fit the binder and the CD was missing its setup file. I had to return it.

If you need assistance with security policies and procedures, take a look at Thomas Peltier's other book, Information Security Policies, Procedures and Standards: Guidelines for Effective Information Security Management. It contains almost all of the same material, at a much more reasonable price.

Help other customers find the most helpful reviews

Was this review helpful to you? Yes No

Report abuse | Permalink

Comment Comment

6 of 8 people found the following review helpful:

5.0 out of 5 stars A true practitioner's reference, August 5, 2004

Donald E. Hester "Cyber Security Guru" (SF Bay Area, CA United States) - See all my reviews
(REAL NAME)

This review is from: Information Security Policies and Procedures: A Practitioner's Reference, Second Edition (Hardcover)

This is one of the best books available for information systems security polices. The book covers tier 1 and tier 2 policies. This book looks at policies as a business enabler where policies support management's organizational goals. Great samples!

Help other customers find the most helpful reviews

Was this review helpful to you? Yes No

Report abuse | Permalink

Comment Comment

Share your thoughts with other customers: Create your own review

› See all 7 customer reviews...

Most Recent Customer Reviews

1.0 out of 5 stars Terrible Seller
I ordered this book a month ago for class. I am now in starting my third week of the class with no book. Read more

Published 12 months ago by K. Russo

5.0 out of 5 stars Good reading for all software engineers
It explains how why and how to integrate security policies and procedures across all tiers of software engineering organization. Read more

Published on August 3, 2008 by Nagaraja Doddappa

5.0 out of 5 stars Great book!
If you are doing infosec policy dev., this book is aweseome!

It saved me 10 hours this week alone.

Published on November 24, 2004 by Eric Kent

2.0 out of 5 stars look elsewhere
I must agree with the previous reviewer, this book is lacking.
I bought a copy new and had the same problem where the
holes punched in the paper does not match the... Read more

Published on August 23, 2002 by Frank Cusack

› See all 7 customer reviews...

Front Cover | Table of Contents | First Pages | Index | Surprise Me!

Inside This Book (learn more)

First Sentence:
As security professionals, we often take the view that the overall objective of an information security program is to protect the integrity, confidentiality, and availability of that information. Read the first page

Key Phrases - Capitalized Phrases (CAPs): (learn more)
Employee Standards of Conduct, Recommended Standard, Baseline Program Recommendation, Retention Center, Recommended Policy, Records Manager, Steering Committee, General Auditor, Compliance Company, Compliance Failure, Policy Information, Responsibilities Employees, Core Team, Corporate Communications, Corporate Retention Schedule, Database Administration, Responsibilities Company, Central Stores, Critique of Example, Destruction Request, E-Mail Usage Policy, Employment Practices, General Counsel, Typical Tier, Business Continuity Implement

New!
Books on Related Topics | Concordance | Text Stats

Browse Sample Pages:
Front Cover | Table of Contents | First Pages | Index | Surprise Me!

Citations (learn more)

This book cites 22 books:

Strategic Information Security by John Wylder in Front Matter
Information Technology Control and Audit, Second Edition by Sandra Senft in Front Matter
Building an Information Security Awareness Program by Mark B. Desman in Front Matter
The Ethical Hack: A Framework for Business Value Penetration Testing by James S. Tiller in Front Matter
Information Security Risk Analysis, Second Edition by Thomas R. Peltier in Front Matter

See all 22 books this book cites

1 book cites this book:

Official (ISC)2 Guide to the CISSP Exam ((ISC)2 Press) by Susan Hansche CISSP on page 77, and page 375

Books on Related Topics (learn more)

Information Security Fundamentals by Thomas R. Peltier

Discusses:

What Other Items Do Customers Buy After Viewing This Item?

Guide to Disaster Recovery by Michael Erbschloe Paperback
4.0 out of 5 stars (2)

$83.97

Information Security Policies, Procedures, and Standards: Guidelines for Effective Information Security Management by Thomas R. Peltier Paperback
4.2 out of 5 stars (5)

$71.42

Writing Information Security Policies by Scott Barman Paperback
4.5 out of 5 stars (11)

$28.62

Security Policies and Procedures: Principles and Practices by Sari Greene Paperback
3.5 out of 5 stars (4)

$91.39

› Explore similar items

Tags Customers Associate with This Product

(What's this?)

Click on a tag to find related items, discussions, and people.

computer science(2)

computer security(1)

information seurity(1)

managers guides to computing(1)

Agree with these tags?

.jsOffDisplayBlock { display: block; } .jsOffDisplayInline { display: inline; } .jsOffVisibility { visibility: visible; } .jsOnDisplayBlock { display: none; } .jsOnDisplayNoneBlock { display: block; } .jsOnDisplayNoneInline { display: inline; } .jsOnDisplayInline { display: none; } .jsOnVisibility { visibility: hidden; } .jqOnDisplayBlock { display: none; } .jqOnDisplayInline { display: none; } .jqOnVisibility { visibility: hidden; } .jqOnDisplayNoneBlock { display: block; } .jqOnDisplayNoneInline { display: inline; }

Customer Discussions

This product's forum

Discussion	Replies	Latest Post
No discussions yet

Ask questions, Share opinions, Gain insight

Start a new discussion

Topic:

First post:

Receive e-mail when new posts are made

Prompts for sign-in

Guidelines

Active discussions in related forums

Discussion	Replies	Latest Post
Textbook Buyback forum Ebooks	9	7 hours ago
Textbook forum Never Again	29	13 hours ago
Textbook Buyback forum Name on book	5	13 hours ago
Textbook Buyback forum I have only one ISBN number	0	16 hours ago
Textbook Buyback forum Different Cover, same ISBN	0	16 hours ago
Textbook Buyback forum Missed shipping date	0	17 hours ago
Textbook Buyback forum Directed here to Textbook Buyback Forum by Amazon	0	1 day ago
Textbook forum I just received a "very good" textbook without its disc - what are your thoughts?	168	3 days ago