Charles Cresson Wood's "Information security policies made easy" is an excellent reference, though a bit on the expensive side. You can order it at www.pentasafe.com. PoliVec (www.polivec.com) also provides tools to help develop, implement and enforce security policies. SANS also provides sample security policies on their Web site. New Riders has published a book, "Writing Information Security Policies." I have not read it yet, so I cannot comment on how useful or informative it is.
For more information on this topic, visit these other SearchSecurity resources:
Ask the Expert: Resources for writing a security policy
Best Web Links: Security policies
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.