Requirement 12 – Resources

Requirement 12: Maintain a policy that addresses information security for all personnel

IT Security Policies
– www.sans.org/security-resources/policies/
– http://www.princeton.edu/oit/it-policies/it-security-policy/

IT Risk Assessment
– http://www.isaca.org/
– http://www.isaca.org/chapters2/Pittsburgh/events/Documents/Event_Archive_2010_2011/10OctPresentationHandouts.pdf

PCI DSS Roadmap
– https://www.pcisecuritystandards.org/documents/Prioritized_Approach_V2.0.pdf

Service Provider Due Diligence
– https://www.pcisecuritystandards.org/documents/PCI_DSS_V3.0_Third_Party_Security_Assurance.pdf
– http://www.itduediligenceguide.com/free-checklist-download/
– https://vendorrisk.com/

Security Awareness Training
– http://www.securingthehuman.org/
– http://phishme.com/security-awareness-engaging/

Many freely available PowerPoint training slides can be used as a starting point, such as:
– www.cs.uwp.edu/Classes/Cs490/project/UserSecurityAwareness.ppt
– http://legacy.wlu.ca/docsnpubs_detail.php?grp_id=47&doc_id=20476
– www.pi.ac.th/up_news/c6f798Security_Awareness_Training.ppt
– https://ifap.ed.gov/presentations/attachments/04EACSession46.ppt
– http://www.isqworld.com/free-ppt-for-security-awareness-training-for-top-management/
