The book illustrates how policies and procedures support the efficient running of an organization. This volume points out how security documents and standards are key elements in the business process, but should never be undertaken to satisfy a perceived audit or security requirement. Instead, policies, standards, and procedures should exist only to support business objectives or mission requirements; they are elements that aid in the execution of management policies. This treatment details how security policies support management's directions. The authors emphasize how information security must be integrated into all business processes. They examine Tier 1, Tier 2, and Tier 3 policies.

Book Reviews

• From Anarchy to Power The Net Comes of Age
• Information Warfare: corporate attack and defence in a digital world (Computer Weekly Professional)
• The Right to Privacy
• The Privacy Papers: Managing Technology, Consumer, Employee and Legislative Actions
• Secrets of a Back Alley ID Man: Fake ID Construction Techniques of the Underground
• Inside Internet Security: What Hackers Don't Want You To Know
• Privacy, Surveillance and Public Trust
• The E-Privacy Imperative : Protect Your Customers' Internet Privacy and Ensure Your Company's Survival in the Electronic Age
• How to Own Your Own Private International Bank: For Profit, Privacy, and Tax Protection
• Privacy and Its Invasion