Open Directory Project

Top: Computers: Security: Policy

Sites submitted should be related to the creation, definition or implementation of a management policy and procedures outlining the minimal expectations for maintaining security of a corporate network. These can include any aspect of computer security, hardware or software based.

The computer security policy is a statement by management of the minimum expectations to maintain the confidentiality, integrity and availability of the corporate network and all data stored on the network. The style, content and specific objectives of each policy are dependent on the environment, security requirements and corporate culture specific to each organization.

Companies

Only companies providing products or professional services in the area of Computer Security Policies should submit for this category.
This subcategory of Computers: Security: Policy is intended for companies that provide products or professional services related to computer security policies.

HIPAA

The Health Insurance Portability and Accountability Act (HIPAA) is a US law that affects most organizations receiving federal funding or storing medical records. In 2003, stricter patient privacy rules went into effect, with stiff penalties for any breach of confidentiality. As the penalties for even a single breach of confidentiality can be extremely damaging, organizations subject to HIPAA need strict security policies. There are no "magic bullet" solutions to HIPAA compliance - any organization subject to HIPAA rules is well advised to become familiar with the actual regulations and review its operations regularly to ensure compliance.

Sample Policies

In this category, please only submit websites providing sample information security policies which are readily available to the public.
These are examples of computer security policies. Some are policies which have been created and implemented in specific organizations; others are simply samples to provide guidance to those writing their own policies. Example policies include those for IT/computer security, Internet and email usage, and remote network access.

Standards

Please only suggest sites here that specifically relate to ISO/IEC 27002 and the ISO/IEC 27000-series information security management standards.

Sites that relate to information security in general should be suggested in http://dmoz.org/Computers/Security/

Sites relating to other standards should be suggested in the closest or most appropriate category.

Not all suggestions are adopted. We are most interested in sites with high quality information about the standards, for example those that help organizations understand and implement the standards.

ISO/IEC 27002:2005 - Information technology -- Code of practice for information security management

ISO/IEC 27002 (previously known as ISO/IEC 17799 and before that BS 7799 Part 1) is an international standard providing best practice advice on information security management systems.

    Copyright © 1998-2008 Netscape

Last update: 20:14 PT, Monday, October 30, 2006