On Sat, 09 Oct 2010 16:42:51 -0400, Andrew Reid wrote: > On Saturday 09 October 2010 15:34:58 Paweł Ch. wrote:
>> I must create security policy for my company. Can someone send me >> example security policy? Especially with division to user, >> administrator and boss. > > There are a number of free public resources available from the > US National Institute of Standards and Technology. A former employer of > mine used Special Publication 800-53 as a baseline for a security > policy. > > Besides providing a list of recommendations, it also has a > pretty good discussions of the "whys" behind them, and the cost-benefit > trade-offs that must be made. > > A list of NIST security division's publications is here: > <http://csrc.nist.gov/publications/PubsFL.html> > > SP 800-53 itself is here, in PDF format: > > <http://csrc.nist.gov/publications/nistpubs/800-53-Rev3/sp800-53-rev3- final_updated-errata_05-01-2010.pdf> I'm adding to the list the SANS Institute guidelines, which provides sample templates for many purposes: http://www.sans.org/security-resources/policies/ Greetings, -- Camaleón -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/pan.2010.10.10.13.04...@gmail.com