Stanford (Tuesday, February 19, 2002, 12:36 PM) wrote: > I really need to create an "Operations Manual" type > security document or book/manual.
If you have the time, read up on ISO 17799. Or look at the Google dir, here: http://directory.google.com/Top/Computers/Security/Policy/?tc=1 Unfortunately, creating a site-specific manual will take some effort if it's intended to be effective. A policy which is too restrictive will cause your users to mutiny. One which is too lax will lend a false sense of security, while permitting bad behavior. There are many, many security consultancies which will do this for you, at varying levels of price and service. -- Tod Beardsley, Senior Security Analyst Plan B Security <http://www.PlanB-Security.net> "Confidentiality, Integrity, Availability"