I am sure someone here can help me. At least I hope. I have been looking for something that would give me an outline or good idea of what should go into a document I would like our Managers and CIO to sign that allows the InfoSec team to perform audits/assessments of our company resources. I realize it would be best to have a legal department write something like this up but we have no access to this group.
Can anyone suggest a basic outline for something of this nature. I know someone asked for it before on this mailing list, but I cannot find any replies to that posting. Thank you. Jeff Wichman Security Administrator School Specialty, Inc.
