Book description
Information Security Law: The Emerging Standard for Corporate Compliance is designed to help companies understand this developing law of information security, the obligations it imposes on them, and the standard for corporate compliance that appears to be developing worldwide. ISO/IEC 27001, the international information security standard, should be read alongside this book.
Table of contents
- Copyright
- Preface
- About the Author
- Introduction
- 1. Security Basics: The Legal Perspective
- 2. Legal Response to Security
- 3. The General Duty to Provide Security
- 4. The Legal Standard for Compliance
- 5. Developing a Compliant Security Program
- 6. Security Controls to Consider
  - 6.1. Physical security controls
  - 6.2. Technical security controls
    - 6.2.1. Access controls
    - 6.2.2. Identification and authentication
    - 6.2.3. System and services acquisition controls
    - 6.2.4. System configuration and change management controls
    - 6.2.5. System and information integrity
    - 6.2.6. Data communications protection
    - 6.2.7. Maintenance
    - 6.2.8. System activity monitoring and audit records
  - 6.3. Administrative security controls
  - 6.4. Special rules for specific data elements
- 7. The Role of Standards
- 8. Security Breach Notification
- Appendix
- ITG Resources
Product information
- Title: Information Security Law: The Emerging Standard for Corporate Compliance
- Author(s):
- Release date: October 2008
- Publisher(s): IT Governance Publishing
- ISBN: 9781905356669