This page is powered by Blogger.





Contacting Us
Mike Tarrani
Linda Zarate
Kate Hartshorn

Who We Are
TEAM Zarate-Tarrani

Our main weblog
Notes from the Field

Our other pages
Mike's home page
Linda's home page
Kate's home page

Simpatico [we]blogs
Dan Gilmore
Robert X. Cringely
Jakob Nielsen
Julian Bond
Deborah Branscum
Lisa Rein
Ed Yourdon


Sunday, March 10, 2002


Killing Two Birds. I posted an extensive amount of material earlier today in Notes from the Field about processes. The following documents are about security, but two of them discuss security processes in great detail. In you're interested in developing and implementing security processes you'll find the general material on processes and capability maturity useful.

The documents:

  • Enterprise Security Policy is a PowerPoint presentation that steps you through the development and implementation of an enterprise-wide security policy. This document is directly related to the process material I posted in Notes from the Field because policies govern processes.
  • Another document that is about process and security is the PowerPoint presentation about how to set up a Security Incident Response Team. This document contains a lot of material about security, as well as policy, process and procedures.
  • Cyber Threats to Critical Infrastructures is for the hard core security practitioner. This document is short on process and rich with technical insights.