Expert Answer Center > Experts On Demand > View Answer
EMAIL THIS
Experts on Demand
  EXPERTS ON DEMAND HOME     POSE A QUESTION     VIEW ANSWERS     BROWSE BY TOPIC        RSS FEEDS  
I have two questions:

  1. What is a good resource for security policies. We are a small company, and are starting from scratch, so we are looking for freeware type solution, End to End Security Policy for Dummies!

  2. What is a good source for Security Audit checklists, which are linked to aspects of Compliance? HIPPA, SoX, GLB etc.
 QUESTION POSED ON: 16 OCT 2006
QUESTION ANSWERED BY: Ed Tittel For question number 1, check out my stories for SearchSecurity that include "Security Policy By Example" in their titles:

These should help get you started down the road toward formulating security policy: though most of the resources mentioned cost something, most of them don't cost very much, either.

For question number 2, I'd look around at complianceonline.com and SANS (the latter is well-known for providing security checklists of all kinds, including for audit purposes). You might also want to troll around at ISACA where you can probably find such things as well. Then, too, there's always the brute force technique of using, for example, "HIPAA security audit checklist" as a search string in your favorite search engine (I found one direct hit at searchdomino.com using a literal string search, and thousands of hits using less demanding criteria).

HomeExperts on DemandIT Expert Webcast SeriesExpert KnowledgebaseSite Index
TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.

TechTarget Corporate Web Site  |  Media Kits  |  Site Map




All Rights Reserved, Copyright 2009, TechTarget | Read our Privacy Policy 		  TechTarget - The IT Media ROI Experts