[IAP301] Policy Development in Information Assurance

• Security Policies and Implementation Issues, Jones and Bartlett Learnin, Rob Johnson
• Student Lab Manual
• Security Policy Templates
• Free Online Mind Mapping
• References:
  • Common BIA Terminologies
  • NIST, ISO, COBIT, ITIL – Which Cyber Framework Rules Them All
  • Policy and Standards Framework
  • Business as usual (UAU)
  • The 8 Steps for Leading Change [Kotter]
  • Risk Mitigation [MITRE]
  • Guide to Attribute Based Access Control (ABAC) Definition and Considerations
  • Policies and Ethics in Cyber Security
  • Cybersecurity Strategic Planning
  • Safeguarding Your Technology
  • Information Security Policies: Why They Are Important To Your Organization
  • Important Strategies for Aligning Security With Business Objectives
  • The Art of Aligning Security Goals with Business Goals
  • How to Align Security With Your Business Objectives
  • Why Human Error is #1 Cyber Security Threat to Businesses in 2021
  • Segregation of Duties in Your Organization
  • What are some common examples of Segregation of Duties?
  • Separation of duties and IT security
  • Insider Threat Mitigation
  • How to Implement a Security Awareness Program at Your Organization
  • Cyber security Handbook
  • Information Services Security Awareness Training Policy
  • Security Awareness and Training Policy [Virginia State University]
  • Securing the Seven Domains of IT Infrastructure
  • Seven benefits of security awareness training
  • Why Security Awareness Training Is Required From Day 1 For New Employees
  • Malicious Code Protection Standard [University of Mary Washington]
  • Clark University’s Remote Access Policy
  • Remote Access Policy Template
  • Remote Access Policy [Connecticut College]
  • Unauthorized Access – Threats, Risk, and Control
  • Guidelines for Data Classification
  • Safeguards for Remote Access
  • Remote Access Policy for Remote Workers & Medical Clinics
  • Business Impact Analysis (BIA) Template
  • Business Continuity Plan (BCP) Template
  • Incident Response Models
  • What is ITIL® incident management?
  • File Integrity Monitoring
  • Ingress & Egress Filtering
  • Backup policy
  • WIRELESS LOCAL AREA NETWORK (LAN) SYSTEMS POLICY
  • Internet & Email Acceptable Use Policy
  • Computer Security Incident Handling Guide [NIST]