Information Security Policy Development for Compliance: ISO/IEC 27001, NIST SP 800-53, HIPAA Standard, PCI DSS V2.0, and AUP V5.0
Autor Barry L. Williamsen Limba Engleză Hardback – 22 mar 2013
Explaining how to write policy statements that address multiple compliance standards and regulatory requirements, the book will help readers elicit management opinions on information security and document the formal and informal procedures currently in place. Topics covered include:
- Entity-level policies and procedures
- Access-control policies and procedures
- Change control and change management
- System information integrity and monitoring
- System services acquisition and protection
- Informational asset management
- Continuity of operations
A valuable resource for policy writers who must meet multiple compliance standards, this guidebook is also available in eBook format. The eBook version includes hyperlinks beside each statement that explain what the various standards say about each topic and provide time-saving guidance in determining what your policy should include.
Preț: 559.51 lei
Preț vechi: 699.39 lei
-20% Nou
Puncte Express: 839
Preț estimativ în valută:
107.09€ • 111.38$ • 89.74£
107.09€ • 111.38$ • 89.74£
Carte tipărită la comandă
Livrare economică 13-27 martie
Preluare comenzi: 021 569.72.76
Specificații
ISBN-13: 9781466580589
ISBN-10: 1466580585
Pagini: 152
Ilustrații: illustrations
Dimensiuni: 156 x 234 x 15 mm
Greutate: 0.41 kg
Ediția:New.
Editura: CRC Press
Colecția Auerbach Publications
ISBN-10: 1466580585
Pagini: 152
Ilustrații: illustrations
Dimensiuni: 156 x 234 x 15 mm
Greutate: 0.41 kg
Ediția:New.
Editura: CRC Press
Colecția Auerbach Publications
Public țintă
Academic and PostgraduateCuprins
Introduction. Entity Level Policies and Procedures. Access Control Policies and Procedures. Change Control and Change Management. System Information Integrity and Monitoring. System Services Acquisition and Protection. Informational Asset Management. Continuity of Operations.
Notă biografică
Barry L. Williams (PhD, Department of Psychological Sciences, Purdue University)
Descriere
Compliance standards, of which there are many, can and should be used as a guide to write comprehensive and effective security policies. Many standards cover much of the same topics, but they each state the requirements in slightly different ways. This book provides security managers with a simplified way to address the regulatory requirements of an organization by writing policy statements that specifically address these requirements. The book enables them to more efficiently write policies that meet the major regulatory requirements.