Here''s your how-to manual for developing policies and procedures that maintain the security of information systems and networks in the workplace. It provides numerous checklists and examples of existing programs that you can use as guidelines for creating your own documents.
You''ll learn how to identify your company''s overall need for data security; how to research any measures already being taken; how to develop employee awareness of security procedures; and how to devise an effective program that will get support from all members of your organization-from senior managers to end users.
Topics covered include: developing the policy and mission statements; the four key elements of data classification; volume contents; establishing a review panel; creating the employee awareness program; monitoring company/employee compliance; and computer and information security laws. This results-oriented manual also gives you a list of further resources and data security definitions.
Thomas R. Peltier has numerous years of field experience in corporate information security, and is a member of the Advisory Council of the Computer Security Institute (CSI).