Presentation is loading. Please wait.

Presentation is loading. Please wait.

G l o b a l I n t e g r I t y c o r p o r a t I o n 1998 Global Integrity, an SAIC Company, Proprietary, All Rights Rights Reserved Developing Computer.

Similar presentations


Presentation on theme: "G l o b a l I n t e g r I t y c o r p o r a t I o n 1998 Global Integrity, an SAIC Company, Proprietary, All Rights Rights Reserved Developing Computer."— Presentation transcript:

1 G l o b a l I n t e g r I t y c o r p o r a t I o n 1998 Global Integrity, an SAIC Company, Proprietary, All Rights Rights Reserved Developing Computer Security Policy Ward Parker Global Integrity

2 G l o b a l I n t e g r I t y c o r p o r a t I o n 1998 Global Integrity, an SAIC Company, Proprietary, All Rights Rights Reserved 2 What Are Policies? Management instructions Provide overall objectives Guidelines, Standards, Procedures Difference between “must” and “should”

3 G l o b a l I n t e g r I t y c o r p o r a t I o n 1998 Global Integrity, an SAIC Company, Proprietary, All Rights Rights Reserved 3 Why are Policies Important? Foundation of all Computer Security Operations Effective vs.. Chaos Got a good lawyer? Cart before the Horse Syndrome Put Management to work for you

4 G l o b a l I n t e g r I t y c o r p o r a t I o n 1998 Global Integrity, an SAIC Company, Proprietary, All Rights Rights Reserved 4 What Makes a Successful Policy? Brevity is an Art Clarity is your friend Give them what they need, not what they want Tailor to the organization Eating an elephant

5 G l o b a l I n t e g r I t y c o r p o r a t I o n 1998 Global Integrity, an SAIC Company, Proprietary, All Rights Rights Reserved 5 Types of Policies Regulatory Advisory Informative

6 G l o b a l I n t e g r I t y c o r p o r a t I o n 1998 Global Integrity, an SAIC Company, Proprietary, All Rights Rights Reserved 6 Common Components Statement of Policy Authorizing individual Author Reference to other policies, if any Measurement of Expectations Waiver Requests Process for Requesting Change Violation Effective Date Review Date

7 G l o b a l I n t e g r I t y c o r p o r a t I o n 1998 Global Integrity, an SAIC Company, Proprietary, All Rights Rights Reserved 7 Publication Methods Policy Manual Personal Guides Brochures On-line Documents Whatever you choose, make sure they are accessible!

8 G l o b a l I n t e g r I t y c o r p o r a t I o n 1998 Global Integrity, an SAIC Company, Proprietary, All Rights Rights Reserved 8 Implementation…Nobody Said It Would Be Easy Management doesn’t understand importance Lack of support throughout organization Awareness & Training of users

9 G l o b a l I n t e g r I t y c o r p o r a t I o n 1998 Global Integrity, an SAIC Company, Proprietary, All Rights Rights Reserved 9 Questions/Comments Sources: “Information Security Made Easy” “Handbook of Information Security Management” (703) 293-5302/wcp@globalintegrity.com


Download ppt "G l o b a l I n t e g r I t y c o r p o r a t I o n 1998 Global Integrity, an SAIC Company, Proprietary, All Rights Rights Reserved Developing Computer."

Similar presentations


Ads by Google