Information Security Policies Made Easy, Version 12 now available! The latest release of the “Gold Standard” security policy library, Information Security Policies Made Easy, version 12, by Charles Cresson Wood, is now available! This update includes over 100 new security policies covering the latest topics including social networking, supply chain, mobile security, identity theft and many more!  ISPME V12 includes a library of over 1,500 sample security policies and a complete set of 38 essential sample policy documents.

Continue reading Information Security Policies Made Easy, Version 12 is now available!

Tags: charles cresson wood, COBIT, FISMA, HIPAA-HiTECH, information security policies made easy, ISO 17799:2005, ISO 27002, ISPME, PCI-DSS, Sarbanes-Oxley

Information Security Policies Made Easy, Version 12 now available! The latest release of the “Gold Standard” security policy library, Information Security Policies Made Easy, version 12, by Charles Cresson Wood, is now available! This update includes over 100 new security policies covering the latest topics including social networking, supply chain, mobile security, identity theft and many more!  ISPME V12 includes a library of over 1,500 sample security policies and a complete set of 38 essential sample policy documents.

Continue reading Information Security Policies Made Easy, Version 12 is now available!

Tags: charles cresson wood, COBIT, FISMA, HIPAA-HiTECH, information security policies made easy, ISO 17799:2005, ISO 27002, ISPME, PCI-DSS, Sarbanes-Oxley

Information Security Policies Made Easy, Version 12 now available!

The latest release of the “Gold Standard” security policy library, Information Security Policies Made Easy, version 12, by Charles Cresson Wood, is now available! This update includes over 100 new security policies covering the latest topics including social networking, supply chain, mobile security, identity theft and many more!  ISPME V12 includes a library of over 1,500 sample security policies and a complete set of 38 essential sample policy documents.

Tags: charles cresson wood, COBIT, FISMA, HIPAA-HiTECH, information security policies made easy, ISO 17799:2005, ISO 27002, ISPME, PCI-DSS, Sarbanes-Oxley

This is a sample policy from Information Security Policies Made Easy, by Charles Cresson Wood.

Continue reading Sample InfoSec Policy – Computer And Communications Facility Location

Tags: charles cresson wood, information security policies, information security policies made easy, InfoSecurity, ISPME

Reducing risk associated with a new technology often requires a combination of overlapping management and technical policies. For example, simply publishing a policy that restricts peer-to-peer networking software may not be sufficient to protect against data leakage if the organization has not defined any controls around computing environments for remote workers. Since many data leaks occur through home-based networks, protection involves a blend of policies including desktop configuration control, acceptable use and physical and environmental controls. As an example, consider this sample policy for Internet Telecommuter Working Environments.

Continue reading Featured InfoSecurity Policy – Telecommuter Working Environments

Tags: charles cresson wood, information security policies, information security policies made easy, InfoSecurity, ISPME, policies, Telecommuter

An increased focus for both state and Federal information security laws is the monitoring of third-party vendors. Vendor security is becoming more critical with the trend toward outsourced networking services via cloud computing. One way to make sure that vendor security is not overlooked is to include these requirements as part of all third party service provider contracts. To formalize this requirement, consider this sample policy: Security Requirements in Outsourced Network Services.

Continue reading Featured Policy – Security in Outsourced Network Services

Tags: charles cresson wood, information security policies, information security policies made easy, InfoSecurity, ISPME, policies

Information Security Policies Made Easy is your definitive resource for a comprehensive information security policies for your enterprise.

Until April 30, 2009, Rothstein Associates is offering a $100 discount on this valuable tool – including both print AND CD-ROM – regularly $795, now only $695.00 PLUS FREE STANDARD SHIPPING! (prepaid orders only).

Information Security Policies Made Easy is the “gold standard” information security policy resource based on the 25 year consulting experience of Charles Cresson Wood, CISSP, CISA. The most complete security policy library available, ISPME contains over 1360 pre-written information security policies covering over 200 security topics and organized in ISO 17799 format. Take the work out of creating, writing, and implementing security policies!

Information Security Policies Made Easy has everything you need to save time and money building or updating written security policies, including:

1. A complete information security policy library with over 1360 individual pre-written security policies including:

• Coverage of the latest technical, legal and regulatory issues
• ISO 17799 outline format, allowing for easy gap-analysis against existing standards and security frameworks
• Expert commentary discussing the risks mitigated by each policy
• Target audience (management, technical, or user) and security environment (low, medium, high) for each policy
• Policy coverage maps for Sarbanes-Oxley (COBIT) and HIPAA security

2. Eighteen complete pre-written security policy documents that every company should have, updated and ready to use “as is” or with easy customization, including:

• User-targeted policies such as: Electronic Mail Policy, Internet Security Policy for End Users and Web Privacy Policy
• Organization-wide policies such as: High-Level Security Policy, Privacy policy, Information Ownership Policy
• Technology-based policies such as: Firewall Policy, Data Classification Policy and Network Security Policy
• Sample risk acceptance memo for the approval of out of compliance situations, a sample non-disclosure agreement, and a user policy acceptance agreement.

3. Expert advice on the security policy development and review process, including:

• A step-by-step checklist of security policy development tasks to quickly start a policy development project
• Helpful tips and tricks for getting management buy-in for information security policies and education
• Tips and techniques for raising security policy awareness
• Real-world examples of problems caused by missing or poor information security policies
• Policy development resources such as Information Security Periodicals, professional associations and related security organizations

4. All content included on an easy-to-use CD-ROM with an indexed and searchable HTML interface for easy location, featuring:

• Policies available in HTML, PDF, MS-Word format
• Easy cut-and-paste into existing corporate documents
• Extensive cross-references between policies that help the user quickly understand alternative solutions and complimentary controls

Information Security Policies Made Easy covers virtually every aspect of corporate information security including:

• Privacy issues
• Identity Theft
• Web pages
• Firewalls
• Employee surveillance
• Electronic commerce
• Digital signatures
• Computer viruses
• Encryption
• Contingency planning
• Logging controls
• Internet
• Intranets
• Corporate Governance
• Outsourcing security functions
• Computer emergency response teams
• Microcomputers
• Local area networks
• Voice Over IP
• Password selection
• Electronic mail
• SPAM Prevention
• Data Classification
• Telecommuting
• Telephone systems
• Portable computers
• User security training
• Information Security Related Terrorism

=====================================================================

To receive your $100 discount and free standard ground shipping (or equivalent discount), either click below, OR go to the full product description of Information Security Policies Made Easy and enter Coupon Code “ispme09” at checkout. Discount applies to prepaid orders only. Shipping charge will be adjusted at time of shipment.

=====================================

Take advantage of this limited offer on Information Security Policies Made Easy!

Tags: charles cresson wood, information security, information security policies made easy, infosec, ISO 17799, policies

Information Security Policies Made Easy is your definitive resource for a comprehensive information security policies for your enterprise.

Until April 30, 2009, Rothstein Associates is offering a $100 discount on this valuable tool – including both print AND CD-ROM – regularly $795, now only $695.00 PLUS FREE STANDARD SHIPPING! (prepaid orders only).

Information Security Policies Made Easy is the “gold standard” information security policy resource based on the 25 year consulting experience of Charles Cresson Wood, CISSP, CISA. The most complete security policy library available, ISPME contains over 1360 pre-written information security policies covering over 200 security topics and organized in ISO 17799 format. Take the work out of creating, writing, and implementing security policies!

Information Security Policies Made Easy has everything you need to save time and money building or updating written security policies, including:

1. A complete information security policy library with over 1360 individual pre-written security policies including:

• Coverage of the latest technical, legal and regulatory issues
• ISO 17799 outline format, allowing for easy gap-analysis against existing standards and security frameworks
• Expert commentary discussing the risks mitigated by each policy
• Target audience (management, technical, or user) and security environment (low, medium, high) for each policy
• Policy coverage maps for Sarbanes-Oxley (COBIT) and HIPAA security

2. Eighteen complete pre-written security policy documents that every company should have, updated and ready to use “as is” or with easy customization, including:

• User-targeted policies such as: Electronic Mail Policy, Internet Security Policy for End Users and Web Privacy Policy
• Organization-wide policies such as: High-Level Security Policy, Privacy policy, Information Ownership Policy
• Technology-based policies such as: Firewall Policy, Data Classification Policy and Network Security Policy
• Sample risk acceptance memo for the approval of out of compliance situations, a sample non-disclosure agreement, and a user policy acceptance agreement.

3. Expert advice on the security policy development and review process, including:

• A step-by-step checklist of security policy development tasks to quickly start a policy development project
• Helpful tips and tricks for getting management buy-in for information security policies and education
• Tips and techniques for raising security policy awareness
• Real-world examples of problems caused by missing or poor information security policies
• Policy development resources such as Information Security Periodicals, professional associations and related security organizations

4. All content included on an easy-to-use CD-ROM with an indexed and searchable HTML interface for easy location, featuring:

• Policies available in HTML, PDF, MS-Word format
• Easy cut-and-paste into existing corporate documents
• Extensive cross-references between policies that help the user quickly understand alternative solutions and complimentary controls

Information Security Policies Made Easy covers virtually every aspect of corporate information security including:

• Privacy issues
• Identity Theft
• Web pages
• Firewalls
• Employee surveillance
• Electronic commerce
• Digital signatures
• Computer viruses
• Encryption
• Contingency planning
• Logging controls
• Internet
• Intranets
• Corporate Governance
• Outsourcing security functions
• Computer emergency response teams
• Microcomputers
• Local area networks
• Voice Over IP
• Password selection
• Electronic mail
• SPAM Prevention
• Data Classification
• Telecommuting
• Telephone systems
• Portable computers
• User security training
• Information Security Related Terrorism

=====================================================================

To receive your $100 discount and free standard ground shipping (or equivalent discount), either click below, OR go to the full product description of Information Security Policies Made Easy and enter Coupon Code “ispme09” at checkout. Discount applies to prepaid orders only. Shipping charge will be adjusted at time of shipment.

=====================================

Take advantage of this limited offer on Information Security Policies Made Easy!

Tags: charles cresson wood, information security, information security policies made easy, infosec, ISO 17799, policies