Writing Security Policies

Viewing 3 reply threads
  • Author
    Posts
    • #2531
      oneeyedcarmen
      Participant

      Any of you fine folks ever been charged with having to rewrite the full security policy from the ground up?

      Lots of fun, I tell ya.   ::)

      I’ve managed to find several templates on the SANS site, be they for the overall policy, email, encryption, audit and the like.  I’m quite thankful for the work that others have done to make my life that much easier…though this is still right f’n tedious.

      Then once it’s complete, I get to run it past the CIO, HR, and Legal. 

      So to those of you who’ve been asking what the CISSP will get you…  😉
      (and THAT, my friends, is why this post is in the Certs category…and I didn’t know where else to put it)

    • #18356
      p_dub
      Participant

      I too have had the opportunity(?) to tackle this project. The NIST 800-18 provides some pretty good information also.

      Quite tedious indeed.

    • #18357
      oneeyedcarmen
      Participant

      I’m dealing with HIPAA, so I’ve been using 800-66 as well.

      No wonder I always feel like I need a nap.  ;D

    • #18358
      geekyone
      Participant

      I really feel for you.  That is some boring work but somebody has to do it.  :-

Viewing 3 reply threads
  • You must be logged in to reply to this topic.

Copyright ©2021 Caendra, Inc.

Contact Us

Thoughts, suggestions, issues? Send us an email, and we'll get back to you.

Sending

Sign in with Caendra

Forgot password?Sign up

Forgot your details?