Network Security: Detailed info on Security program development (Plan)

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security Security-Management

[Top] [All Lists]

Security program development (Plan)

from [Larry Erdahl] Network Security

[Permanent Link]

Subject:	Security program development (Plan)
Date:	Mon, 15 Aug 2005 20:22:08 +0000

I have been asked by my organization to develop a IT security program (plan) that will meet today's security standards. I am planning on following ISO 17799, but I am having a little trouble getting out of the starting blocks.

Can anyone point me to documentation or studies on the proper roles, responsibilities,and reporting structure needed in today's security departments.

I am specially interested in any thing that suggests that the security manager or CISO should not report to the Operations Director.

I would appreciate it if you could share your expertise and experience in what you did in building your security departments (off line if need be).

Thanks...

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Security program development (Plan), Larry Erdahl <= RE: Security program development (Plan), Joe_Wulf RE: Security program development (Plan), Jose Varghese RE: Security program development (Plan), Mark Teicher

Previous by Date:	RE: defining change control severity, Brunner, Mark
Next by Date:	RE: Is there any way to measure IT Security??, prasanna.mukundan
Previous by Thread:	defining change control severity, Laurin Buchanan
Next by Thread:	RE: Security program development (Plan), Joe_Wulf
Indexes:	[Date] [Thread] [Top] [All Lists]