The computer security policy is a statement by management of the minimum expectations to maintain the confidentiality, integrity and availability of the corporate network and all data stored on the network. The style, content and specific objectives of each policy are dependent on the environment, security requirements and corporate culture specific to each organization.
Sites submitted should be related to the creation, definition or implementation of a management policy and procedures outlining the minimal expectations for maintaining security of a corporate network. These can include any aspect of computer security, hardware or software based.
This subcategory of Computers: Security: Policy is intended for companies that provide products or professional services related to computer security policies.
Only companies providing products or professional services in the area of Computer Security Policies should submit for this category.
The Health Insurance Portability and Accountability Act (HIPAA) is a US law which affects most organizations receiving federal funding or storing medical records. In 2003, stricter patient privacy rules went into effect, with stiff penalties for any breach of confidentiality. As the penalties for even a single breach of confidentiality can be extremely damaging, strict security policies are needed by organizations subject to HIPAA. It should be noted that there are no "magic bullet" solutions to HIPAA compliance - any organization subject to HIPAA rules is well advised to become familiar with the actual regulations and review their operations regularly to insure compliance.
These are examples of computer security policies. Some are policies which have been created and implemented by specific organizations, others are simply samples to provide guidance to those writing their own policies. You may like to use these as templates or donor documents for your own, subject to any copyright restrictions on the originals.
This category only accepts websites providing information security policies which are freely available to the public.
This category concerns standards for information security, principally published international and national standards.
Please only suggest sites here that specifically relate to information security standards.
Sites that relate to information security in general should be suggested in http://dmoz.org/Computers/Security/
Sites relating to other types of standards should be suggested in the closest or most appropriate category.
Not all suggestions are adopted. We are most interested in sites with high quality information about the standards, for example those that help organizations understand and implement the standards.