IS4550

Security Policies and Implementation

Unit 3 (July 1, 2016)
Policies, Standards, Procedures, and Guidelines

Learning Objective
  • Describe the components and basic requirements for creating a security policy framework.
Key Concepts
  • Key building blocks of security policy framework
  • Types of documents for a security policy framework
  • ISS and information assurance considerations
  • Process to create a security policy framework 
  • Best practices for policy management and maintenance   
Reading
  • Johnson and Merkow, Chapter 6: IT Security Policy Frameworks.
  • Johnson and Merkow, Chapter 7: How to Design, Organize, Implement, and Maintain IT Security Policies.
  • http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-171.pdf.
Keywords
  • Security Policy 
  • Information Technology (IT) Security Policy Framework 
  • Information Systems Security (ISS)
  • Information Assurance
  • Policy Management
  • Policy Maintenance
  • Policy Change Control
  • Policy Change Control Board (PCCB)
Assignments and Study Materials
  • Unit 3 Lecture Slides
  • Unit 3 Discussion 3.1: Business Considerations
  • Unit 3 Lab 3.2: Define an Information Systems Security Policy Framework for an IT Infrastructure
  • Unit 3 Assignment 3.3: Security Policy Frameworks
Questions and Feedback
Use the form below to ask questions or provide feedback about the concepts covered during Unit 3's session of class:

Your browser is out-of-date!

You need to update your browser to view Foliotek correctly. Update my browser now

×