Generally Accepted Principles and Practices for Securing Information Technology Systems

By Swanson, Marianne

Excerpt: As more organizations share information electronically, a common understanding of what is needed and expected in securing information technology (IT) resources is required. This document provides a baseline that organizations can use to establish and review their IT security programs. The document gives a foundation that organizations can reference when conducting multi-organizational business as well as internal business. Management, internal auditors, users, system developers, and security practitioners can use the guideline to gain an understanding of the basic security requirements most IT systems should contain. The foundation begins with generally accepted system security principles and continues with common practices that are used in securing IT systems.

Table of Contents

1. Introduction
    1.1 Principles
    1.2 Practices
    1.3 Relationship of Principles and Practices
    1.4 Background
    1.5 Audience
    1.6 Structure of this Document
    1.7 Terminology
2. Generally Accepted System Security Principles
    2.1 Computer Security Supports the Mission of the Organization
    2.2 Computer Security is an Integral Element of Sound Management
    2.3 Computer Security Should Be Cost-Effective
    2.4 Systems Owners Have Security Responsibilities Outside Their Own Organizations
    2.5 Computer Security Responsibilities and Accountability Should Be Made Explicit
    2.6 Computer Security Requires a Comprehensive and Integrated Approach
    2.7 Computer Security Should Be Periodically Reassessed
    2.8 Computer Security is Constrained by Societal Factors
3. Common IT Security Practices
    3.1 Policy
        3.1.1 Program Policy
        3.1.2 Issue-Specific Policy
        3.1.3 System-Specific Policy
        3.1.4 All Policies
    3.2 Program Management
        3.2.1 Central Security Program
        3.2.2 System-Level Program
    3.3 Risk Management
        3.3.1 Risk Assessment
        3.3.2 Risk Mitigation
        3.3.3 Uncertainty Analysis
    3.4 Life Cycle Planning
        3.4.1 Security Plan
        3.4.2 Initiation Phase
        3.4.3 Development/Acquisition Phase
        3.4.4 Implementation Phase


Book Id: WPLBN0000692165
Format Type: PDF eBook
File Size: 187.82 KB.
Reproduction Date: 2000
Title: Generally Accepted Principles and Practices for Securing Information Technology Systems  
Author: Swanson, Marianne
Volume:
Language: English
Subject: Government publications, Department of Commerce and Labor Document, Commerce.
Collection: Department of Commerce Collection
Subcollection:
Historic
Publication Date:
Publisher: Government Printing Office

Other Books by Same Author: Click to view all books by Swanson, Marianne


  • Security Metrics Guide for Information T... (by Swanson, Marianne)
    (200)
  • Security Metrics Guide for Information T... (by Swanson, Marianne)
    (118)
  • Lessons Learned in Establishing a Virtua... (by Swanson, Marianne)
    (132)
  • Generally Accepted Principles and Practi... (by Swanson, Marianne)
    (155)
  • Nist (by Swanson, Marianne)
    (200)
  • Nist (by Swanson, Marianne)
    (132)
  • Computer Security (by Swanson, Marianne)
    (118)
  • Computer Security (by Swanson, Marianne)
    (200)
  • Guide for Developing Security Plans for ... (by Swanson, Marianne)
    (132)
  • Guide for Developing Security Plans for ... (by Swanson, Marianne)
    (175)


Other Books with Same Subject: Click to view all books in Government publications, Department of Commerce and Labor Document, Commerce.


  • Der Aachener H Tten-Aktien-Verein in Rot... (by Rabius, Wilhelm)
    (175)
  • Explosives; Pyrotechnic Products; Matche... (by Department of Commerce)
    (132)
  • Fact Sheet : The Social Security Payroll... (by Department of Commerce)
    (200)
  • Father's Day : June 15 (by Department of Commerce)
    (132)
  • Father's Day : June 20 (by Department of Commerce)
    (175)
  • Father's Day : June 19 (by Department of Commerce)
    (200)
  • Fdca Special Edition Fdca National Nurse... (by Department of Commerce)
    (118)
  • Feasibility Study Guidance : Final Repor... (by Department of Commerce)
    (132)
  • Feuille Dinformation : Frontieres Terres... (by Department of Commerce)
    (200)
  • Fish and Crustaceans, Mollusks and Other... (by Department of Commerce)
    (155)

 
 
Copyright © 2010 World Public Library. All rights reserved. eBooks from World Public Library are sponsored by the World Public Library Association,
a 501c(4) Member's Support Non-Profit Organization, and is NOT affiliated with any governmental agency or department.