Security planning & disaster recovery
- File type: Book
- Language: English
- Author: Eric Maiwald; William Sieglein
- Publisher: New York : McGraw-Hill/Osborne
- Edition and year / country: 2002
- ISBN: 9780072228304
Description
Guiding Principles in Plan Development -- The Role of the Information Security Program -- Getting Off on the Right Foot -- Establishing the Role of Security -- Reporting Structure -- Mission Statement -- Long-Term Goals -- Short-Term Objectives -- Relationships -- Technical Relationships -- Business Relationships -- Checklist: Key Roles of the Program -- Laws and Regulations -- Working with the Legal and Compliance Departments -- Legal Background -- Computer Fraud and Abuse Act of 1986 -- Electronic Communications Privacy Act of 1986 -- Computer Security Act of 1987 -- National Information Infrastructure Protection Act of 1996 -- Gramm-Leach-Bliley Financial Services Modernization Act -- Health Insurance Portability and Accountability Act (HIPAA) -- Checklist: Key Points in Information Security Legal Issues -- Assessments -- Internal Audits -- External Audits -- Assessments -- Self-Assessments -- Vulnerability Assessments -- Penetration Tests -- Risk Assessments -- Checklist: Key Points in Assessments -- Plan Implementation -- Establishing Policies and Procedures -- Purpose of Policies -- Policies to Create -- Acceptable Use Policy -- Information Security Policy -- Dealing with Existing Documents -- Getting Buy-In -- Policy Review -- Checklist: Key Points in Establishing Policies and Procedures -- Implementing the Security Plan -- Where to Start -- Establish the Plan -- Risk Assessment -- Risk Reduction Plan -- Develop Policies -- Solution Deployment -- Training -- Audit and Reporting -- Do It All Over Again.