Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Management
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Policy-Procedure connection

from [Sharon Steinbock] Network Security [Permanent Link]
Subject: Policy-Procedure connection
Date: Mon, 18 Oct 2004 10:07:06 +0200 
Hello,

I am looking at implementing an ISO 17799 framework.
Getting the policies right is not an easy task, but I find the topic
well documented, with many sample policies I can use.
However, when it comes down to "translating" my policies to specific
procedures I am lost. Some questions:
- Who should write each procedure? The procedure owner, his boss,
someone higher up?
- Where can I find some sample procedures?

Any other insight regarding the policy-procedure gap will be highly
appreciated.

Thanks,
Sharon
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: practical Security Management reference, David Neal Swomley, Ph.D.
Next by Date:  Re: Policy-Procedure connection, alan_willcox
Previous by Thread:  RE: Identity Management System, Medzich, Maik
Next by Thread:  Re: Policy-Procedure connection, alan_willcox
Indexes:  [Date] [Thread] [Top] [All Lists]