SANS library room. <From Joe Louis: >
________________________________ From: Tim Evans [mailto:[EMAIL PROTECTED] Sent: Thursday, April 10, 2008 4:49 PM To: NT System Admin Issues Subject: RE: Information Security Documentation http://www.cisecurity.org/ is another good place ...Tim From: Michael B. Smith [mailto:[EMAIL PROTECTED] Sent: Thursday, April 10, 2008 1:39 PM To: NT System Admin Issues Subject: RE: Information Security Documentation NIST SP-800 series. Regards, Michael B. Smith MCSE/Exchange MVP http://TheEssentialExchange.com From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Thursday, April 10, 2008 4:28 PM To: NT System Admin Issues Subject: Information Security Documentation Does anyone out there have / seen any good Information Security Policy documents or templates? Basically I am looking for a comprehensive, internal document (or set of documents) that would be used to describe things such as: - Security Organization and Structure - Internal (Employee and Contractor) Security Policies (obligations of personnel in managing data and other secure/confidential documents) - Sites and Building Policies (access control, maintenance) - Network Security - Systems Architecture Security (Access Control, Authentication) - Production Environment Security - Application Security I realize that it would be next to impossible to find a single security document that has all of the above facets to it, but any good starting points would be helpful. Thanks, Jeff ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~
