Does anyone out there have / seen any good Information Security Policy documents or templates?
Basically I am looking for a comprehensive, internal document (or set of documents) that would be used to describe things such as: - Security Organization and Structure - Internal (Employee and Contractor) Security Policies (obligations of personnel in managing data and other secure/confidential documents) - Sites and Building Policies (access control, maintenance) - Network Security - Systems Architecture Security (Access Control, Authentication) - Production Environment Security - Application Security I realize that it would be next to impossible to find a single security document that has all of the above facets to it, but any good starting points would be helpful. Thanks, Jeff Look at Security Policies and Procedures by Sari Stern Greene. Also SANS has some good templates to take care of things. Z Edward E. Ziots Network Engineer Lifespan Organization MCSE,MCSA,MCP,Security+,Network+,CCA Phone: 401-639-3505 -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Thursday, April 10, 2008 4:28 PM To: NT System Admin Issues Subject: Information Security Documentation ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~
