What's New in Version 2?

Information Security Roles and Responsibilities Made Easy, Version 2 is the new and updated version of the best-selling security resource by Charles Cresson Wood, CISSP, CISA, CISM. Version 2 is based on the 20 year consulting and security experience of Mr. Wood and contains these new, updated features to help you save money while establishing a due-care information security organization:

1. Updated information-security-related committee, board, and department mission statements, including new descriptions for Disaster Recovery Team, Change Control Committee, Privacy Oversight Committee, and a Board Of Directors Governance Committee.

2. Over forty updated information-security-related job descriptions including brand new job descriptions for Chief Privacy Officer (CPO), Chief Security Officer (CSO), Chief Knowledge Officer (CKO), Ethics Officer and Data Librarian.

3. Expanded job descriptions and mission statements reflecting the latest business and technological developments (such as digital rights management systems and wireless networks) and legislative and regulatory requirements such as those of the Sarbanes Oxley Act.

4. Additional management justifications for compiling, documenting and updating roles and responsibilities, including ways in which this effort minimizes the cost of providing adequate information security services.

5. A significantly expanded discussion of the pros and cons of outsourcing the information security function, including outsourcing-firm due-diligence, secure outsourcing procedures, and possible conflicts of interest when retaining a third party.

6. Actions you should take to reduce your organization's exposure to workers in information security related positions of trust.

7. Added citations supporting the legal notion of the standard of due care as it relates to management responsibility, including discussion of the Hooper Doctrine, to help justify an investment in information security organizational infrastructure.

8. An expanded discussion of the personality characteristics needed for work in information security, including discussion about the pros and cons of hiring hackers and others who have been on the wrong side of the law

9. New decision-making criteria for releasing or withholding roles and responsibilities documentation to/from various external parties.

10. Updated information security professional certifications with web sites, phone numbers, and addresses so the reader can easily get more information about them.

11. A new appendix which explores the synergy between role based access control (RBAC) and clarification of information security roles and responsibilities.

12. Additional cross-references and hot-links so that you can quickly locate the material you need.

Information Security Roles and Responsibilities Made Easy, Version 2.0 contains easily-customized documents in MS-Word format. All contents come on a fully indexed and searchable CD-ROM with linked cross-references. For more information email us at sales@informationshield.com.