ARCHIVES
SEARCH
Contacting Us
Recommendations
Mike Tarrani
Linda Zarate
Kate Hartshorn
Who We Are
TEAM Zarate-Tarrani
Our main weblog
Notes from the Field
Our other pages
Mike's home page
Linda's home page
Kate's home page
Forums
Simpatico [we]blogs
Dan Gilmore
Robert X. Cringely
Jakob Nielsen
Julian Bond
Deborah Branscum
Lisa Rein
CamWorld
Ed Yourdon
Monday, May 06, 2002
Sanity and Scaling Back. When I recommended Information Security Policies Made Easy in my 4 May entry someone asked me if I had lost my mind for recommending a $595.00 book. The answer is no, and if I did it's no problem because I have it backed up and stored in secure off-site storage. Seriously, the book will save a significant amount of time and will quickly pay for itself.However, one can go broke saving money, especially if there are more important priorities that should be funded first. An alternative is to purchase a copy of Writing Information Security Policies by Scott Barman. This $34.99 USD book is a fraction of the price and will give you the information and approach that will assure well-written security policies. Of course you'll have to write them from scratch, but the book's accompanying web site contains a wealth of support material.
Another book that shows the big picture is Thomas R. Peltier's Information Security Policies, Procedures, and Standards: Guidelines for Effective Information Security Management. We've mentioned Mr. Peltier in earlier entries, and this book is one that every security professional should own.
I'll end on that note because I have a scheduled back-up to perform.
