Incluye referencia bibliográfica e índice.

Part one: management's responsibility

1. Management's role in computer security / Arthur E. Hutt.

2. Policies, standards and procedures / Noel K. Zakin.

3. Information security risk management / John M. Carroll.

4. Employment policies and practices / Robert W. London.

5. Legal issues in computer security / Robert P. Bigelow.

6. Computer crime and computer criminals / G. Jach Bologna.

Part Two: Basic safeguards

7. Contingency planning and disaster recovery / Arthur E. Hutt.

8. Computer risks and insurance / Johnson ; Hggins

9. Auditing computer security / Diane E. Levine.

10. System application controls / Timothy Braithwaire.

Part three: Physical protection

11. Hardware elements of security / Seymour Bosworth.

12. Computer facility protection / Franklin n. Platt

13. Monitoring and related control devices / Eugene V. Redmond.

Part Four: technical protection /

14. Software and information security / Myles E. Walsh.

15. Security of computer data, records, and forms / Douglas B. Hoyt.

16. Data Encryption Diane E. Levine.

17. Data communications and networking / Seymour Bosworth.

18. Penetrating computer systems and networking / M. E. Kabay.

19. Viruses and related threats to computer security / Diane E. Levine.

Part five : special protection issues /

20. Outside services / Jack M. Durner.

21. Security for personal computers / Jon R. David.

22. Local area network security / Diane E. Levine.

23. Security on the Internet / Robert Gezelter.

Appendixes

A1. Central management of distributed systems

A2. Guide for selecting automated risk analysis tools / Irene E. Gilbert.

A3. Security standards manual: table of contents (sample)

A4. Confidentiality agreement (sample)

A5. Admissibility of computer records

A6. Revenue procedure 91-59: IRS guidelines for ADP records

A7. IRS revenue ruling 71-20: what are records?

A8. Confidential and proprietary information agreement (sample)

A9. The hot-side solution: how would you maintain critical operations if disaster struck your site? / Daniel Kilburn.

A 10. Employee nondisclusere agreement (sample)

A 11. Computer privacy in teh United States / Robert P. Bigelow.

A 12. Selected bibliography on computer crime /

A 13. Off-site record storage considerations

A 14. Federal Information processing standards: abstracts

A 14 (a). FIPS PUB 46-2: Data encryption standard

A 14 (b). FIPS PUB 180: Secure Hash standard

A 15. EDP auditing and related packages / Diane E. Levine.

A 15 (a). PC self-assessment / Ernst ; Young.

A 16. LAN security products / Diane E. Levine.

A 17. Model framework for managemetn control over automated information systems (excerpts)

A 18. FFIEC EDP Examination work program

A 19. FFIEC Examination policies

A 20. Minimum security funtionality requirements for multiuser operation systems

A 21. Automated tools for testing computer systems vulnerability / W. Timothy Polk.

A 22. Virus notes and products / Diane E. Levine.

A 23. Threat assessment of malicious code and human threats / Lawrence E. Bassham ; W. Timothy Polk.

A 24. Internet security and risk reduction /

A 25. UPS Systems: technical notes

A 26. Data encryption products / Diane E. Levine.

A 27. Remote access computing / Tommy Ward.

A 28. Firewall protection on the Internet

A 29. End-user computing.