Description
A Comprehensive Solution Manual for Security Policies and Procedures: Principles and Practices By Sari Greene
Part I. Introduction to an Information Security Program
1. Information Security Program Objectives
2. Information Security Program Elements
Part II. Information Security Program Domains
3. Governance (Organizational Structure, Roles and Responsibilities)
4. Risk Management
5. Policy Development and Implementation
6. Layered Defense (Authentication, Authorization and Access Controls)
7. Operation Security
8. Personnel Security (Employee Lifecycle Including Training and Awareness)
9. Incident Response
10. Continuity of Operations
11. Vendor Management
12. Audit and Monitoring
Part III. Regulatory Compliance
13. Federal Regulations (GLBA, HIPAA/HITECH, FISMA)
14. State Data Security and Notification Requirements
15. PCI-DSS
Appendix A. Adapting an Infosec Program for Small Business Implementation.
Reviews
There are no reviews yet.