World Library  


Generally Accepted Principles and Practices for Securing Information Technology Systems

By Swanson, Marianne

Excerpt
As more organizations share information electronically, a common understanding of what is needed and expected in securing information technology (IT) resources is required. This document provides a baseline that organizations can use to establish and review their IT security programs. The document gives a foundation that organizations can reference when conducting multi-organizational business as well as internal business. Management, internal auditors, users, system developers, and security practitioners can use the guideline to gain an understanding of the basic security requirements most IT systems should contain. The foundation begins with generally accepted system security principles and continues with common practices that are used in securing IT systems.

Table of Contents

  • 1. Introduction
  • 1.1 Principles
  • 1.2 Practices
  • 1.3 Relationship of Principles and Practices
  • 1.4 Background
  • 1.5 Audience
  • 1.6 Structure of this Document
  • 1.7 Terminology
  • 2. Generally Accepted System Security Principles
  • 2.1 Computer Security Supports the Mission of the Organization
  • 2.2 Computer Security is an Integral Element of Sound Management
  • 2.3 Computer Security Should Be Cost-Effective
  • 2.4 Systems Owners Have Security Responsibilities Outside Their Own Organizations
  • 2.5 Computer Security Responsibilities and Accountability Should Be Made Explicit
  • 2.6 Computer Security Requires a Comprehensive and Integrated Approach
  • 2.7 Computer Security Should Be Periodically Reassessed
  • 2.8 Computer Security is Constrained by Societal Factors
  • 3. Common IT Security Practices
  • 3.1 Policy
  • 3.1.1 Program Policy
  • 3.1.2 Issue-Specific Policy
  • 3.1.3 System-Specific Policy
  • 3.1.4 All Policies
  • 3.2 Program Management
  • 3.2.1 Central Security Program
  • 3.2.2 System-Level Program
  • 3.3 Risk Management
  • 3.3.1 Risk Assessment
  • 3.3.2 Risk Mitigation
  • 3.3.3 Uncertainty Analysis
  • 3.4 Life Cycle Planning
  • 3.4.1 Security Plan
  • 3.4.2 Initiation Phase
  • 3.4.3 Development/Acquisition Phase
  • 3.4.4 Implementation Phase


Book Id: WPLBN0000692165
Format Type: PDF eBook
File Size: 187.82 KB.
Reproduction Date: 2000


Title: Generally Accepted Principles and Practices for Securing Information Technology Systems  
Author: Swanson, Marianne
Volume:
Language: English
Subject: Government publications, Department of Commerce and Labor Document, Commerce.
Collection: Department of Commerce Collection
Subcollection:
Historic
Publication Date:
Publisher: Government Printing Office

Copyright © World Public Library. All rights reserved. eBooks from World Public Library are sponsored by the World Public Library Association,
a 501c(4) Member's Support Non-Profit Organization, and is NOT affiliated with any governmental agency or department.