Download presentation
Presentation is loading. Please wait.
Published byDorcas Moore Modified over 9 years ago
1
G l o b a l I n t e g r I t y c o r p o r a t I o n 1998 Global Integrity, an SAIC Company, Proprietary, All Rights Rights Reserved Developing Computer Security Policy Ward Parker Global Integrity
2
G l o b a l I n t e g r I t y c o r p o r a t I o n 1998 Global Integrity, an SAIC Company, Proprietary, All Rights Rights Reserved 2 What Are Policies? Management instructions Provide overall objectives Guidelines, Standards, Procedures Difference between “must” and “should”
3
G l o b a l I n t e g r I t y c o r p o r a t I o n 1998 Global Integrity, an SAIC Company, Proprietary, All Rights Rights Reserved 3 Why are Policies Important? Foundation of all Computer Security Operations Effective vs.. Chaos Got a good lawyer? Cart before the Horse Syndrome Put Management to work for you
4
G l o b a l I n t e g r I t y c o r p o r a t I o n 1998 Global Integrity, an SAIC Company, Proprietary, All Rights Rights Reserved 4 What Makes a Successful Policy? Brevity is an Art Clarity is your friend Give them what they need, not what they want Tailor to the organization Eating an elephant
5
G l o b a l I n t e g r I t y c o r p o r a t I o n 1998 Global Integrity, an SAIC Company, Proprietary, All Rights Rights Reserved 5 Types of Policies Regulatory Advisory Informative
6
G l o b a l I n t e g r I t y c o r p o r a t I o n 1998 Global Integrity, an SAIC Company, Proprietary, All Rights Rights Reserved 6 Common Components Statement of Policy Authorizing individual Author Reference to other policies, if any Measurement of Expectations Waiver Requests Process for Requesting Change Violation Effective Date Review Date
7
G l o b a l I n t e g r I t y c o r p o r a t I o n 1998 Global Integrity, an SAIC Company, Proprietary, All Rights Rights Reserved 7 Publication Methods Policy Manual Personal Guides Brochures On-line Documents Whatever you choose, make sure they are accessible!
8
G l o b a l I n t e g r I t y c o r p o r a t I o n 1998 Global Integrity, an SAIC Company, Proprietary, All Rights Rights Reserved 8 Implementation…Nobody Said It Would Be Easy Management doesn’t understand importance Lack of support throughout organization Awareness & Training of users
9
G l o b a l I n t e g r I t y c o r p o r a t I o n 1998 Global Integrity, an SAIC Company, Proprietary, All Rights Rights Reserved 9 Questions/Comments Sources: “Information Security Made Easy” “Handbook of Information Security Management” (703) 293-5302/wcp@globalintegrity.com
Similar presentations
© 2025 SlidePlayer.com. Inc.
All rights reserved.