Re: Security policy
On Saturday 09 October 2010 15:34:58 Paweł Ch. wrote:
> I must create security policy for my company.
> Can someone send me example security policy? Especially with division to
> user, administrator and boss.
There are a number of free public resources available from the
US National Institute of Standards and Technology. A former
employer of mine used Special Publication 800-53 as a baseline
for a security policy.
Besides providing a list of recommendations, it also has a
pretty good discussions of the "whys" behind them, and the
cost-benefit trade-offs that must be made.
A list of NIST security division's publications is here:
SP 800-53 itself is here, in PDF format:
Andrew Reid / firstname.lastname@example.org