相關主題
商品描述
Here’s your how-to manual for developing policies and procedures that maintain the security of information systems and networks in the workplace. It provides numerous checklists and examples of existing programs that you can use as guidelines for creating your own documents.
You’ll learn how to identify your company’s overall need for data security; how to research any measures already being taken; how to develop employee awareness of security procedures; and how to devise an effective program that will get support from all members of your organization―from senior managers to end users.
Topics covered include: developing the policy and mission statements; the four key elements of data classification; volume contents; establishing a review panel; creating the employee awareness program; monitoring company/employee compliance; and computer and information security laws. This results-oriented manual also gives you a list of further resources and data security definitions.
Thomas R. Peltier has numerous years of field experience in corporate information security, and is a member of the Advisory Council of the Computer Security Institute (CSI).
商品描述(中文翻譯)
這是您開發政策和程序的手冊,旨在維護工作場所資訊系統和網路的安全。它提供了許多檢查清單和現有計畫的範例,您可以將其作為創建自己文件的指導。
您將學習如何識別公司對資料安全的整體需求;如何研究已採取的任何措施;如何提高員工對安全程序的認識;以及如何制定一個有效的計畫,以獲得組織內所有成員的支持——從高層管理者到最終使用者。
涵蓋的主題包括:制定政策和使命聲明;資料分類的四個關鍵要素;內容的體量;建立審查小組;創建員工意識計畫;監控公司/員工的合規性;以及計算機和資訊安全法律。這本以結果為導向的手冊還提供了進一步資源和資料安全定義的清單。
Thomas R. Peltier 在企業資訊安全領域擁有多年實務經驗,並且是計算機安全研究所 (CSI) 諮詢委員會的成員。
