Information Security Policies Made Easy

Information Security Policies Made Easy is the "gold standard" information security policy resource based on the 25 year consulting experience of Charles Cresson Wood, CISSP, CISA. The most complete security policy library available, ISPME contains over 1360 pre-written information security policies covering over 200 security topics and organized in ISO 17799 format. Take the work out of creating, writing, and implementing security policies.

Learn More

» Request a free Sample Policy
» Table of Contents
» ISPME Data Sheet
» Index of New Policies
» What Security Experts Say about ISPME
» Do You Need Information Security Policies?
» Who uses ISPME?
» ISPME Video Overview

Get It Now!

» Buy Information Security Policies Made Easy
» How to Order ISPME

Keep Security Policies Updated

» PolicyShield Subscription Service

Information Security Policies Made Easy has everything you need to save time and money building or updating written security policies, including:

1. A complete information security policy library with over 1350 individual pre-written security policies including:

Coverage of the latest technical, legal and regulatory issues
ISO 17799 outline format, allowing for easy gap-analysis against existing standards and security frameworks
Expert commentary discussing the risks mitigated by each policy
Target audience (management, technical, or user) and security environment (low, medium, high) for each policy
Policy coverage maps for Sarbanes-Oxley (COBIT) and HIPAA security

2. Eighteen complete pre-written security policy documents that every company should have, updated and ready to use "as is" or with easy customization, including:

User-targeted policies such as: Electronic Mail Policy, Internet Security Policy for End Users and Web Privacy Policy
Organization-wide policies such as: High-Level Security Policy, Privacy policy, Information Ownership Policy
Technology-based policies such as: Firewall Policy, Data Classification Policy and Network Security Policy
Sample risk acceptance memo for the approval of out of compliance situations, a sample non-disclosure agreement, and a user policy acceptance agreement.

3. Expert advice on the security policy development and review process, including:

A step-by-step checklist of security policy development tasks to quickly start a policy development project
Helpful tips and tricks for getting management buy-in for information security policies and education
Tips and techniques for raising security policy awareness
Real-world examples of problems caused by missing or poor information security policies
Policy development resources such as Information Security Periodicals, professional associations and related security organizations

4. All content available on an easy-to-use CD-ROM with an indexed and searchable HTML interface for easy location, featuring:

Policies available in HTML, PDF, MS-Word format
Easy cut-and-paste into existing corporate documents
Extensive cross-references between policies that help the user quickly understand alternative solutions and complimentary controls

Information Security Policies Made Easy Version covers virtually every aspect of corporate information security including:

Privacy issues
Identity Theft
Web pages
Firewalls
Employee surveillance
Electronic commerce
Digital signatures
Computer viruses
Encryption
Contingency planning
Logging controls
Internet
Intranets
Corporate Governance

Outsourcing security functions
Computer emergency response teams
Microcomputers
Local area networks
Voice Over IP
Password selection
Electronic mail
SPAM Prevention
Data Classification
Telecommuting
Telephone systems
Portable computers
User security training
Information Security Related Terrorism

Information Security Policies Made Easy is available in CD-ROM and as electronic download. Each CD contains a print-ready PDF, fully-linked HTML and an organization-wide license to republish the materials. Published by Information Shield, Inc.

Products » Information Security Policies Made Easy