Presentation is loading. Please wait.

Presentation is loading. Please wait.

G l o b a l I n t e g r I t y c o r p o r a t I o n 1998 Global Integrity, an SAIC Company, Proprietary, All Rights Rights Reserved Developing Computer.

Published byDorcas Moore Modified over 9 years ago

Similar presentations

Presentation on theme: "G l o b a l I n t e g r I t y c o r p o r a t I o n 1998 Global Integrity, an SAIC Company, Proprietary, All Rights Rights Reserved Developing Computer."— Presentation transcript:

1 G l o b a l I n t e g r I t y c o r p o r a t I o n 1998 Global Integrity, an SAIC Company, Proprietary, All Rights Rights Reserved Developing Computer Security Policy Ward Parker Global Integrity

2 G l o b a l I n t e g r I t y c o r p o r a t I o n 1998 Global Integrity, an SAIC Company, Proprietary, All Rights Rights Reserved 2 What Are Policies? Management instructions Provide overall objectives Guidelines, Standards, Procedures Difference between “must” and “should”

3 G l o b a l I n t e g r I t y c o r p o r a t I o n 1998 Global Integrity, an SAIC Company, Proprietary, All Rights Rights Reserved 3 Why are Policies Important? Foundation of all Computer Security Operations Effective vs.. Chaos Got a good lawyer? Cart before the Horse Syndrome Put Management to work for you

4 G l o b a l I n t e g r I t y c o r p o r a t I o n 1998 Global Integrity, an SAIC Company, Proprietary, All Rights Rights Reserved 4 What Makes a Successful Policy? Brevity is an Art Clarity is your friend Give them what they need, not what they want Tailor to the organization Eating an elephant

5 G l o b a l I n t e g r I t y c o r p o r a t I o n 1998 Global Integrity, an SAIC Company, Proprietary, All Rights Rights Reserved 5 Types of Policies Regulatory Advisory Informative

6 G l o b a l I n t e g r I t y c o r p o r a t I o n 1998 Global Integrity, an SAIC Company, Proprietary, All Rights Rights Reserved 6 Common Components Statement of Policy Authorizing individual Author Reference to other policies, if any Measurement of Expectations Waiver Requests Process for Requesting Change Violation Effective Date Review Date

7 G l o b a l I n t e g r I t y c o r p o r a t I o n 1998 Global Integrity, an SAIC Company, Proprietary, All Rights Rights Reserved 7 Publication Methods Policy Manual Personal Guides Brochures On-line Documents Whatever you choose, make sure they are accessible!

8 G l o b a l I n t e g r I t y c o r p o r a t I o n 1998 Global Integrity, an SAIC Company, Proprietary, All Rights Rights Reserved 8 Implementation…Nobody Said It Would Be Easy Management doesn’t understand importance Lack of support throughout organization Awareness & Training of users

9 G l o b a l I n t e g r I t y c o r p o r a t I o n 1998 Global Integrity, an SAIC Company, Proprietary, All Rights Rights Reserved 9 Questions/Comments Sources: “Information Security Made Easy” “Handbook of Information Security Management” (703) 293-5302/wcp@globalintegrity.com

Download ppt "G l o b a l I n t e g r I t y c o r p o r a t I o n 1998 Global Integrity, an SAIC Company, Proprietary, All Rights Rights Reserved Developing Computer."

Similar presentations

Training Guide. `

Training Guide. `
1 User Documentation - Written Types of Written User Documentation (WUD)

1 User Documentation - Written Types of Written User Documentation (WUD)
Confidential & Proprietary to Cooper Compliance Corporation Revised September 8, 2014 AUDiT-READY TM.

Confidential & Proprietary to Cooper Compliance Corporation Revised September 8, 2014 AUDiT-READY TM.
The HIPAA specialists Partnership Discussion A Winning Partnership for HIPAA E-learning Solutions John Danaher HIPAA Summit V.

The HIPAA specialists Partnership Discussion A Winning Partnership for HIPAA E-learning Solutions John Danaher HIPAA Summit V.
Things To Remember About Completing I-9 Forms

Things To Remember About Completing I-9 Forms
Acceptable Use Policy Quiz Boston Public Schools Technology Awareness Initiative.

Acceptable Use Policy Quiz Boston Public Schools Technology Awareness Initiative.
ACCOMMODATIONS MANUAL How to Select, Administer, and Evaluate Use of Accommodations for Instruction and Assessment of Students with Disabilities.

ACCOMMODATIONS MANUAL How to Select, Administer, and Evaluate Use of Accommodations for Instruction and Assessment of Students with Disabilities.
Data Management Awareness January 23, 2008 1 University of Michigan Administrative Information Services Data Management Awareness Unit Liaisons January.

Data Management Awareness January 23, University of Michigan Administrative Information Services Data Management Awareness Unit Liaisons January.
What is User Centered Design? Create “usable” user interface Reduce need for teaching, help, and manuals Uncover and address unmet needs Follow a process.

What is User Centered Design? Create “usable” user interface Reduce need for teaching, help, and manuals Uncover and address unmet needs Follow a process.
Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Information.

Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Information.
Topics  Training and documents currently released  Training and documents to be released  Updates for Test Administrator certification 1.

Topics  Training and documents currently released  Training and documents to be released  Updates for Test Administrator certification 1.
Technical Documents: Types and Standards Week 6 Technical Communication Fall 2003, DAHMEN.

Technical Documents: Types and Standards Week 6 Technical Communication Fall 2003, DAHMEN.
ISO 9000 and Total Quality: The Relationship Eng. Basel F. Qandeel.

ISO 9000 and Total Quality: The Relationship Eng. Basel F. Qandeel.
Islamic Republic of Afghanistan Ministry of Education EMIS Directorate.

Islamic Republic of Afghanistan Ministry of Education EMIS Directorate.
Achieving our mission Presented to Line Staff. INTERNAL CONTROLS What are they?

Achieving our mission Presented to Line Staff. INTERNAL CONTROLS What are they?
Wisconsin Knowledge & Concepts Examination (WKCE) Test Security Wisconsin Department of Public Instruction Office of Educational Accountability 06/26/2013.

Wisconsin Knowledge & Concepts Examination (WKCE) Test Security Wisconsin Department of Public Instruction Office of Educational Accountability 06/26/2013.
SDLC Project Brady Goyn, Doug Reeves Planning Analyze Design

SDLC Project Brady Goyn, Doug Reeves Planning Analyze Design
LOGO AA Roundup March 30, 2011. 3 Can we have a copy of your procedures? The first question the auditor’s ask:

LOGO AA Roundup March 30, Can we have a copy of your procedures? The first question the auditor’s ask:
Chapter 7 Database Auditing Models

Chapter 7 Database Auditing Models
Presented by Lubna Yasmin Pinky Class Roll: 401 Exam Roll: 090497 Reg. No. : 28176 Session: 2008-2009 Mashirah Binte Zaman Class Roll: 1407 Exam Roll:

Presented by Lubna Yasmin Pinky Class Roll: 401 Exam Roll: Reg. No. : Session: Mashirah Binte Zaman Class Roll: 1407 Exam Roll:

Similar presentations

Ads by Google