PaulDotCom mailing list archives
Re: Security Starts With Policies
From: Chris Keladis <ckeladis () gmail com>
Date: Wed, 2 Mar 2011 06:20:45 +1100
On Tue, Mar 1, 2011 at 7:10 AM, Michael Lubinski <michael.lubinski () gmail com
wrote:
Hey Michael, As it stands many think that security starts with solid policies and
procedures. Every good policy and procedure will have a scope. I am in the midst of taking an organization and applying some best practices with some audit requirements. How do you scope a project that is based on best practices and encompasses everything from servers, routers, switches, firewalls, and unused network drops?
Definitely. You can look at implementing ISO-27001 which is exactly this (implementing an Information Security Management System or ISMS). Wikipedia has an overview: http://en.wikipedia.org/wiki/ISO/IEC_27001 No point re-inventing the wheel :) Cheers, Chris.
_______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
Current thread:
- Security Starts With Policies Michael Lubinski (Feb 28)
- Re: Security Starts With Policies Chesmore, Michael [DAS] (Mar 01)
- Re: Security Starts With Policies Michael Lubinski (Mar 01)
- Re: Security Starts With Policies alec (Mar 01)
- Re: Security Starts With Policies Michael Lubinski (Mar 01)
- Re: Security Starts With Policies Sherwyn (Mar 01)
- Re: Security Starts With Policies Chris Keladis (Mar 01)
- Re: Security Starts With Policies Michael Lubinski (Mar 03)
- Re: Security Starts With Policies Chesmore, Michael [DAS] (Mar 01)