Q

End to end security policies for beginners

What is a good resource for security policies. We are a small company, and are starting from scratch, so we are looking for freeware type solution, End to End Security Policy for Dummies! Also, what is a good source for Security Audit checklists, which are linked to aspects of Compliance? HIPPA, SoX, GLB etc.

I have two questions:

 

  1. What is a good resource for security policies. We are a small company, and are starting from scratch, so we are looking for freeware type solution, End to End Security Policy for Dummies!
  2. What is a good source for Security Audit checklists, which are linked to aspects of Compliance? HIPPA, SoX, GLB etc.
For question number 1, check out my stories for SearchSecurity that include "Security Policy By Example" in their titles:

These should help get you started down the road toward formulating security policy: though most of the resources mentioned cost something, most of them don't cost very much, either.

For question number 2, I'd look around at complianceonline.com and SANS (the latter is well-known for providing security checklists of all kinds, including for audit purposes). You might also want to troll around at ISACA where you can probably find such things as well. Then, too, there's always the brute force technique of using, for example, "HIPAA security audit checklist" as a search string in your favorite search engine (I found one direct hit at searchdomino.com using a literal string search, and thousands of hits using less demanding criteria).

This was first published in October 2006

Dig deeper on IT Security Audits

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close