tssci security

For all the IS Managers

NIST has released SP800-100, Information Security Handbook: A Guide for Managers. I'm sure it'd benefit everyone in the security community, since you either are or one day will be a manager (or at least help managers make more informed decisions). Here's a quick rundown of the sections it covers:

  1. Introduction
  2. Information Security Governance
  3. System Development Life Cycle
  4. Awareness and Training
  5. Capital Planning and Investment Control
  6. Interconnecting Systems
  7. Performance Measures
  8. Security Planning
  9. Information Technology Contingency Planning
  10. Risk Management
  11. Certification, Accreditation, and Security Assessments
  12. Security Services and Products Acquisition
  13. Incident Response
  14. Configuration Management

Posted by Marcin on Friday, November 10, 2006 in Security.
