20th NISSC Internet Technical Security Policy Panel

[Word Document] Invest the time up front to carefully develop sound policies and then identify ways to gauge their effectiveness and assess the level of compliance within your organization. Commit to spending the time and resources required to ensure that the policies are kept current and accurately reflect your company's security posture.

THE CONTROLIT USER GROUP - Dedicated to Supporting COBIT ™ Users

A security policy is a set of rules written in general terms stating what is permitted and what is not permitted in a system during normal operation.

a guide to developing computer security policies and procedures for sites that have systems on the Internet. Published 1997.

Security standards are needed by organizations because of the amount of information, the value of the information, and ease with which the information can be manipulated or moved.

This paper is intended to address the importance of having a written and enforceable Information Technology (IT) security policy, and to provide an overview of the necessary components of an effective policy.

This paper focuses on providing the reader with an overview of the current virus landscape and aids in developing best practice anti-virus policies. After presenting the threat, we'll introduce you to today's most popular anti-virus tools.

The SANS Institute, offering computer security training for system administrators, computer security professionals, and network administrators, is a cooperative research and education organization that has many consensus projects to return computer security information to the community.

Draft paper for NIST Computer Security Handbook.