Re: Best Practices

[aditya mukadam <aditya.mukadam () gmail com>]

Hello John,

Please take a look at below link. There is lot of resource available
for you to get/prepare the required security practices for the
respective departments.

http://csrc.nist.gov/publications/PubsTC.html

Hope this helps.

Thanks,
Aditya Govind Mukadam

On Mon, Feb 16, 2009 at 5:32 PM, John <tornado579 () gmail com> wrote:
> Hi All,
>
> I was just wondering whether we have any web resources which will cater to
> best information security practices follwed for the following departments:
>
> 1. IT
> 2. HR
> 3. Admin / Facilities
>
> I know there are standards like ISO 27001 but it does not exactly go in the
> details. For e.g. If company has access control cards issued to the
> employees....what are the pros and cons of this control from Risk
> perspective and any other alternatives to this control etc.
>
> Please comment.
>
> Thanks.