Information Security Architecture: An Integrated Approach to Security in the Organization


Hardback
ISBN 9780849399886
Cat# AU9988
 

Features

  • Safeguard sensitive, critical, and proprietary information from unauthorized access, disclosure or modification
  • Protect information systems and supporting computer resources from loss, damage, or destruction
  • Provide organizational management with reasonable assurance as to the integrity, confidentiality and availability of information assets and computing resources
  • Recognize and adopt all federal and state regulations concerning the confidentiality of an industry's critical information

Summary

    An information security architecture is made up of several components. Each component in the architecture focuses on establishing acceptable levels of control. These controls are then applied to the operating environment of an organization. Functionally, information security architecture combines technical, practical, and cost-effective solutions to provide an adequate and appropriate level of security.

    Information Security Architecture: An Integrated Approach to Security in the Organization details the five key components of an information security architecture. It provides C-level executives with an understanding of the requirements for a strategic plan for security within the organization.

    Table of Contents

    Executive Summary
    Information Security Architecture
    Security Organization and Infrastructure
    Security Policies, Standards, and Procedures
    Security Baselines and Risk Assessments
    Security Awareness and Training Program
    Compliance
    Pitfalls to an Effective ISA Program
    Security Technology
    Conclusion
    Appendixes
    A-1 The Information Security Policy
    A-2 Information Security Acknowledgement Form
    A-3 Network Computing Policy
    A-4 Email Policy
    A-4 Internet Policy
    A-5 Security Standards and Procedures Table of
    A-6 Anti-Virus Program Procedures
    B-1 Information Security Assessment Workplan
    B-2 Application Security Workplan
    B-3 Network Security Assessment Workplan
    B-4 Windows NT Assessment Workplan
    B-5 Telecommunications Workplan
    C-1 Incident Response Plan--Sample
    C-2 Line of Business Security Plan--Sample