Heads of federal agencies, chief information officers and any manager who needs a broad overview on information security practices will be interested in a new information security handbook recently issued by computer security experts at the National Institute of Standards and Technology (NIST).
Information Security Handbook: A Guide for Managers (NIST Special Publication 800-100) is aimed specifically at helping managers at federal agencies better understand how to establish and implement an information security program. As the reliance by federal agencies on information technology has grown, so has the need to implement appropriate, cost-effective security controls. This comprehensive guide includes chapters on information security governance; security planning; designing, developing and implementing an awareness and training program; integrating IT security into the capital planning process; risk assessment and management; and incident response among other important security topics.
Information Security Handbook: A Guide for Managers (SP 800-100) and other NIST information security publications are available at http://csrc.nist.gov/publications/nistpubs/index.html.