Providing the mechanics for policy, procedure, and standards development, Information Security Policies, Procedures, and Standards: Guidelines for Effective Information Security Management shows the reader what to look for when developing an enterprise's procedures. It examines the recommended industry standards and shows how to customize them to fit specific needs. Three major sections cover: writing policies, writing procedures, and writing standards. Each section can be used separately when needed, or as a whole to develop a comprehensive set of documents. The book contains checklists, sample policies, procedures, standards, guidelines, and a synopsis of the relevant BS 7799 and ISO 17799 standards.
Information security policies and all of in this book. This is great advice for businesses to start, continue, and follow on their journey. Thomas has captured the essence of what businesses of all levels want to know when it comes to developing IT policies and systems. This book is a must-read for all business executives.
Really good
Published by Thriftbooks.com User, 20 years ago
Really good for anyone doing infosec policy dev. This will save you a ton of time.
Excellent practical guidebook
Published by Thriftbooks.com User, 21 years ago
This is the best book I've seen (so far!) about writing infosec policies and associated materials. Tom Peltier refers directly to the ISO 17799 structure and gives helpful advice on what to include under the ten sections. More than that, he guides the reader through the *process* of writing and implementing policies, even including a brief chapter on my own specialism, security awareness, and suggestions on writing style. My main quibble with the book is its inconsistency in the level of detail, e.g. 41 of the 191 main text pages are devoted to information classification. There are perhaps too many lists and tables for my liking, but these may be useful as reminders of things to include. Overall, the book is helpful if you are about to write infosec policies and want to avoid some of the more common pitfalls.
Good book for Infosec Management
Published by Thriftbooks.com User, 23 years ago
If you want to find out the relation between Policies, Procedures and Standards, buy this book. Although the flow of text is somewhat discontinuous, the author clearly explains the underlying concepts. The examples are very illustrative and have a real world feel. The author has been on the frontlines (clearly evident throughout the text) and this distinguishes the book from the rest in the pack. Very few books talk about ISO 17799 and BS7799 in detail. This book goes beyond just reproducing the standard and explains the positioning of such guidelines. The tables and checklists found in the appendices alone are worth many times the cost of the book.