Register TODAY to Save $350 on Security West, Jan 24 - Feb 1 >> More Info
the most trusted source for computer security training, certification and research


SANS InfoSec Reading Room - Security Policy Issues

<<Reading Room Home
Most of the computer security white papers in the Reading Room have been written by students seeking GIAC certification to fulfill part of their certification requirements and are provided by SANS as a resource to benefit the security community at large. SANS attempts to ensure the accuracy of information, but papers are published "as is". Errors or inconsistencies may exist or may be introduced over time as material becomes dated. If you suspect a serious error, please contact webmaster@sans.org.

CA Banner - 200811

Featuring 47 papers as of Dec 2, 2008

5 Keys to a Successful Identity and Access Management Implementation
CA - October 2008 (Opens in new window)

Identity and Access Management: A Comprehensive Buyer's Guide
CA - October 2008 (Opens in new window)

Closing Internal User Visibility and Data Governance Gaps with PacketMotion
PacketMotion - April 2008

There's a hole in my infrastructure? The road to PCI Compliance
Jonathan Chaitow
July 3, 2008
- download paper PDF
Understanding the Importance of and Implementing Internal Security Measures
Michael Durgin
September 27, 2007
- download paper PDF
Information Security Policy - A Development Guide for Large and Small Companies
Sorcha Diver
July 17, 2007
- download paper PDF
Risks and Rewards of Instant Messaging in the Banking Sector
Nicholas Rose
June 13, 2005
- download paper PDF
Security In An Open Environment Such As A University?
Carol Templeton
May 5, 2005
- download paper PDF
Protecting Your Corporate Network from Your Employee's Home Systems
Todd Rosenberry
February 9, 2004
- download paper PDF
Acceptable Use Policy Document
Raymond Landolo
October 31, 2003
- download paper PDF
Development of an Effective Communications Use Policy
Tim O' Neil
October 31, 2003
- download paper PDF
Social Engineering - For the Good Guys
James E. Keeling
October 31, 2003
- download paper PDF
Managing Internet Use: Big Brother or Due Diligence?
Steve Greenham
October 31, 2003
- download paper PDF
Security Policy: What it is and Why - The Basics
Joel S. Bowden
October 31, 2003
- download paper PDF
Federal Systems Level Guidance for Securing Information Systems
James Corrie
October 31, 2003
- download paper PDF
Developing Security Policies For Protecting Corporate Assets
Jasu Mistry
October 31, 2003
- download paper PDF
Developing Effective Information Systems Security Policies
RDaniel Lee
October 31, 2003
- download paper PDF
Technical Writing for IT Security Policies in Five Easy Steps
J.Patrick Lindley
October 31, 2003
- download paper PDF
Congratulations to the New Security Manager
Nancy J. Carpenter
October 31, 2003
- download paper PDF
Security Policy Roadmap - Process for Creating Security Policies
ChaiwKok Kee
October 31, 2003
- download paper PDF
Impact of HIPAA Security Rules on Healthcare Organizations
Tim Ferrell
October 31, 2003
- download paper PDF
No Budget, No Policy: Leading the Bull by the Nose or Thank God for the Cisco IOS Firewall Feature S
Richard Haynal
October 31, 2003
- download paper PDF
When Policies that have 'Always Worked', Don't or "The Mask of the Code
Rich Parker
October 31, 2003
- download paper PDF
Systems Maintenance Programs - The Forgotten Foundation and Support of the CIA Triad
C.Farley Howard
October 31, 2003
- download paper PDF
Security, It's Not Just Technical
Kevin M. Dulany
October 31, 2003
- download paper PDF
Formulating a National Cryptography Policy: Relevant Issues, Considerations and Implications for Sin
Francis Chong Heng Goh
October 31, 2003
- download paper PDF
Security Policies in a Global Organization
Gerald P. Long
October 31, 2003
- download paper PDF
The Use of Case Law in Negotiating the Acceptance of Post Secondary Computer Policies
George B. Koszegi
October 31, 2003
- download paper PDF
A Preparation Guide to Information Security Policies
David Jarmon
October 31, 2003
- download paper PDF
One Approach to Enterprise Security Architecture
Nick Arconati
October 31, 2003
- download paper PDF
Defining Policies Using Meta Rules
Dan McGinn-Combs
October 31, 2003
- download paper PDF
Deception: A Healthy Part of Any Defense in-depth Strategy
Paul Anderson
October 31, 2003
- download paper PDF
Sensitive But Unclassified
Andrew Helyer
October 31, 2003
- download paper PDF
Developing Security Policies: Charting an Obstacle Course
Rosemary Sumajit
October 31, 2003
- download paper PDF
Building and Implementing an Information Security Policy
Martyn Elmy-Liddiard
October 31, 2003
- download paper PDF
Peer-to-Peer File-Sharing Networks: Security Risks
William Couch
October 31, 2003
- download paper PDF
Leveraging a Securing Awareness Program from a Security Policy
Howard Uhr
October 31, 2003
- download paper PDF
Danger Within
Dennis Spalding
October 31, 2003
- download paper PDF
Creating an Information Systems Security Policy
Walter F. Patrick
October 31, 2003
- download paper PDF
An Overview of Corporate Computer User Policy
Philip J. Kaleewoun
October 31, 2003
- download paper PDF
Developing a Security Policy - Overcoming Those Hurdles
Chris Wan
October 31, 2003
- download paper PDF
Guidelines for an Information Sharing Policy
Chris Gilbert
October 31, 2003
- download paper PDF
Security Policies: Where to Begin
Laura Wills
October 31, 2003
- download paper PDF
Creating an IT Security Awareness Program for Senior Management
Robert Nellis
October 31, 2003
- download paper PDF
Security considerations with Squid proxy server
Eric Galarneau
October 31, 2003
- download paper PDF
The social approaches to enforcing information security
Roger Gilhooly
October 31, 2003
- download paper PDF
Security Process for the implementation of a Companys extranet network
Kirk Steinklauber
October 31, 2003
- download paper PDF

Contact us: (301) 654-SANS(7267)
Monday - Friday 9am-8pm EST/EDT