David Wilhite
Senior IT Security Engineer,
University of South Carolina
A Practitioner's Approach for Developing Information Security Policy
Wednesday, April 17, 2013 | 10:45AM–11:30AM | Salon E/F
Session Type:
Professional Development
An institution developing its information security policy by basing it on lofty ideals and stringent standards may demand far more than its staff is capable of delivering, which risks frustrating staff to the point of resistance, outright rebellion, or clandestine noncompliance. This strategy can also create a risk of legal liability, as an institution may instantly place itself out of compliance with its own documented policy. This session will outline a strategy for phasing in policy provisions, inclusive of key executive, managerial, and technical staff members, and provide a template of policies, standards, and procedures.
Presenters
Resources & Downloads
Univ South Carolina - Information Security ...
90 KB, Off-site resource
Uploaded on
Univ South Carolina - Data Security Standards
192 KB, Off-site resource
Uploaded on
Univ South Carolina - Data Access Policy
38 KB, Off-site resource
Uploaded on
Presentation Slides
327 KB, Powerpoint Slides
Uploaded on
Univ South Carolina - Information Security ...
Off-site resource
Uploaded on