Security Basics mailing list archives
Re: Security policy
From: Tamarcus A Person <tperson () csc com>
Date: Wed, 25 Oct 2006 16:25:12 -0400
You can start by visiting the following websites below: http://www.itl.nist.gov/fipspubs/by-num.htm http://csrc.nist.gov/publications/nistpubs/index.html The above links will provide you with a basis of how to put together any type of policy. Good Luck! Tamarcus A. Person, CSC e-services TIPSS IT Security & Privacy Engineer (301) 731-3520 -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- This is a PRIVATE message. If you are not the intended recipient, please delete without copying and kindly advise us by e-mail of the mistake in delivery. NOTE: Regardless of content, this e-mail shall not operate to bind CSC to any order or other contract unless pursuant to explicit written agreement or government initiative expressly permitting the use of e-mail for such purpose. -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- "Francois Yang" <francois.y@gmail .com> To Sent by: security-basics@lists.securityfocus listbounce@securi .com tyfocus.com cc Subject 10/24/2006 05:38 Security policy PM Can anyone please point me in the right direction. I need to write some security policies, but I'm not sure where to begin. I know there are alot of examples and templates out there, but what do I include in the policy. I see seperated policies for e-mail, password, remote access, acceptable use, etc...but I was also told that it is better to try to make all of those fit into one so that we don't have to keep track of 10 different policies. The question is, which one do I include in one big security policy and which ones to I make them seperate? thank you. --------------------------------------------------------------------------- This list is sponsored by: Norwich University EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life. http://www.msia.norwich.edu/secfocus --------------------------------------------------------------------------- --------------------------------------------------------------------------- This list is sponsored by: Norwich University EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life. http://www.msia.norwich.edu/secfocus ---------------------------------------------------------------------------
Current thread:
- Security policy Francois Yang (Oct 25)
- RE: Security policy Roger A. Grimes (Oct 25)
- RE: Security policy Weir, Jason (Oct 25)
- Re: Security policy Russ Foster (Oct 25)
- Re: Security policy Tamarcus A Person (Oct 25)
- Re: Security policy Matt Lye (Oct 27)
- <Possible follow-ups>
- RE: Security policy Laundrup, Jens (Oct 25)
- Re: Security policy Francois Yang (Oct 25)
- RE: Security policy Murda Mcloud (Oct 27)
- Re: Security policy Tamarcus A Person (Oct 27)
- Re: Security policy Francois Yang (Oct 25)
- RE: Security policy Luis Lopez Sanchez (Oct 27)
- RE: Security policy Ramirez, Steven (Oct 27)