The Disaster Center Bookstore
Disaster Center Bookstore-a service of Rothstein Associates
Business Policies
|
Information Security Policy Manual
| ![[Item Image]](it290008.jpg) |
|
|
by Business_Policies.com. 2001, 57 pages
on CD-ROM. ISBN # 1-931332-09-6.
|
|
CD524
|
|
$89.00
|
INFORMATION SECURITY POLICY MANUAL ON CD-ROM
by Business_Policies.com
===============================================
Published by The Rothstein Catalog On Disaster Recovery.
In stock for immediate shipment.
===============================================
Protecting the information that resides on an organization's computer system is as important
as protecting the assets within the facility and in some cases more important. The first step
in protecting this information is the establishment of corporate policy to control access to the
computers and the data.
- Comprehensive Information Security Policies
- Easily modified to fit your organization needs and objectives.
- Broad range of policies for all types of computer systems and databases.
- Cover a broad range of topics including:
- Encryption
- Data Ownership
- Physical Security
- Inventories
- Off-Site Storage
- And More...
===============================================
TABLE OF CONTENTS
CORPORATE POLICY
Corporate Security Policy
INFORMATION SECURITY POLICIES
Application Ownership
Applications Development
Associates Responsibility - Logon Identification
Computer Environment
Computer Systems
Corporate Computer Room Access
Data and Information Classification
Data Ownership
Electronic Data Interchange
Emergency Logon Identification
Encryption of Data
Exceptions to Approved Policies and Procedures
Information Security
Inventories
Logon Identification and Password
Magnetic Media
Off-site Storage
Printing and Distribution of Reports
Production File Changes
Public Communication Networks
Record Retention/Disposal
Remote User Identification
Safeguarding Information
Security Awareness and Training Program
Security Violations
Software Piracy
Software Selection, Evaluation and Implementation
System Sign-on Screens
Technical Support
Virus Protection
Voice Communications
===============================================
EXCERPT - SAMPLE POLICY:
SECURITY AWARENESS AND TRAINING PROGRAM
“While security is a. full tine concern for all levels of management and all associates, human
nature dictates that it becomes something we do automatically as routine. This reaction can
result in compromises in the security program that may have a detrimental effect upon the
organization. To reduce the probability f this occurring, [Information Security] will develop a
training refresher class to be given to all associates on an annual basis. Attendance at this
class will be mandatory for all associates.
“Management is responsible for ensuring that all of their associates receive the mandatory
annual security training. Upon completion of such training managers will ensure that the
appropriate documentation indicating the completion of the training is forwarded to [Human
Resources] for inclusion in the individual's personnel file.
“In addition, [Information Security] working with the [Corporate Security Officer] will develop
and maintain a security awareness brochure which can a provided to all new associates when
they join the company. [Information Security] will also provide articles for incorporation into
the company newsletter that highlight the need for security and provide the answers to
frequently asked security questions.
Policy Superceded:
Responsible Department:
Effective Date:
[Signature President/Chief Executive Officer]”
===============================================
ABOUT THE AUTHOR:
EDMOND D. JONES is certified as a Master Business Continuity Planner (MBCP) by the
Disaster Recovery Institute, International. His involvement with continuity planning began in
1964 and continued throughout his 20-year military career. This experience included planning
for various types of organizations, including data processing organizations. Working in the
commercial sector since 1985, he has assisted 100's of businesses in the United States and
Canada in defining and establishing their business continuity programs and plans. Mr. Jones
has been an instructor for the Disaster Recovery Institute, International; assisted in
development of the Institute's Professional Practices; and, was responsible for designing the
review course for candidates preparing for the MBCP examination. In addition, Mr. Jones was
one of the first members of the Disaster Recovery Institute to be elected to serve on the
Institute's Certification Board. Mr. Jones has had articles published in the Disaster Recovery
Journal and been an expert source for articles in ComputerWorld and the Law Office
Administrator.
===============================================
Published by THE ROTHSTEIN CATALOG ON DISASTER RECOVERY.
In stock for immediate shipment.
ISBN # 1-931332-09-6
===============================================
2001, 57 pages, CD-ROM. Order #DR524.
===============================================
Disaster Center Bookstore-a service of Rothstein Associates
Rothstein Associates Inc.
4 Arapaho Rd.
Brookfield, CT 06804-3104
1-888-ROTHSTEin
Telephone: 203.740.7444; 888.768.4783
Fax: 203.740.7401
![[Home]](b_home.jpg)
![[Catalog]](b_catl.jpg)
![[Category]](b_catg.jpg)
![[Previous Item]](b_left.jpg)
![[Next Item]](b_right.jpg)
![[Checkout]](b_chkout.jpg)
![[Review Cart]](b_review.jpg)
![[Button]](ordrinfo.jpg)