Rating:
(7 reviews)
Author: Thomas R. Peltier
ISBN : 0849319587
New from $67.97
Format: PDF
You can download Free Information Security Policies and Procedures: A Practitioner's Reference, Second Edition [Hardcover] for everyone book mediafire, rapishare, and mirror link
Information Security Policies and Procedures: A Practitioner’s Reference, Second Edition illustrates how policies and procedures support the efficient running of an organization. This book is divided into two parts, an overview of security policies and procedures, and an information security reference guide. This volume points out how security documents and standards are key elements in the business process that should never be undertaken to satisfy a perceived audit or security requirement. Instead, policies, standards, and procedures should exist only to support business objectives or mission requirements; they are elements that aid in the execution of management policies.
The book emphasizes how information security must be integrated into all aspects of the business process. It examines the 12 enterprise-wide (Tier 1) policies, and maps information security requirements to each. The text also discusses the need for top-specific (Tier 2) policies and application-specific (Tier 3) policies and details how they map with standards and procedures.
It may be tempting to download some organization’s policies from the Internet, but Peltier cautions against that approach. Instead, he investigates how best to use examples of policies, standards, and procedures toward the achievement of goals. He analyzes the influx of national and international standards, and outlines how to effectively use them to meet the needs of your business.
Download latest books on mediafire and other links compilation Free Information Security Policies and Procedures: A Practitioner's Reference, Second Edition [Hardcover]
- Hardcover: 448 pages
- Publisher: Auerbach Publications; 2 edition (May 20, 2004)
- Language: English
- ISBN-10: 0849319587
- ISBN-13: 978-0849319587
- Product Dimensions: 1.1 x 6.5 x 9.3 inches
- Shipping Weight: 1.5 pounds (View shipping rates and policies)
Free Information Security Policies and Procedures: A Practitioner's Reference, Second Edition
This is a useful book for me to reference, especially when I deal with challenges in security policy framework review. The most impressive pages include the tier 1-2-3 framework, proper wordings in policy, policy sample studies and analysis, complete checklist and questionnaire.
After reading this book or on-and-off reference, I always remember four major elements in a policy:
1. Topic
2. Scope
3. Responsibility
4. Compliance
In addition, I have shared this book with an IT supervisor, he always go for this book for the team reference. I do feel happy to recommend it. Moreover, it readily happens to me I could apply the hints and tips from this book to the revised policy. Meanwhile, compared with the company's policy, it is undoubted organized and logical.
Be honest, in reality, many people still always mix up policy, standard and procedures as well as guidelines and produce a "Spaghetti-like" document to deal with auditor and compliance once a year only, you could say, many companies treat it as a last-minute homework.
By Anthony Lai Cheuk Tung
While this is a good reference, it's value does not match its price. The entire book in not included on the CD and the book does not include a "complete" set of policies. It is certainly enough to get you started, but not enough to complete the task.
If you are considering buying a used copy from an amazon marketplace seller as I did, be careful. The pages did not fit the binder and the CD was missing its setup file. I had to return it.
If you need assistance with security policies and procedures, take a look at Thomas Peltier's other book, Information Security Policies, Procedures and Standards: Guidelines for Effective Information Security Management. It contains almost all of the same material, at a much more reasonable price.