Options
Setting up a new Information Assurance program...
So, I'm setting up a new IA program at work... and I need a little help.
I've been doing INFOSEC/COMPUSEC/COMSEC work for the last 5 or so years... but I've transitioned away from an established organization and joined a group that is still very new... and thus there aren't a lot of programs and policies in place.
So, with that being said, I need a little help setting up a new IA program... and was wondering if anyone knew of any resources that would help. Any advice, templates, etc... would help a great deal!
Thanks!
Regards,
DM
I've been doing INFOSEC/COMPUSEC/COMSEC work for the last 5 or so years... but I've transitioned away from an established organization and joined a group that is still very new... and thus there aren't a lot of programs and policies in place.
So, with that being said, I need a little help setting up a new IA program... and was wondering if anyone knew of any resources that would help. Any advice, templates, etc... would help a great deal!
Thanks!
Regards,
DM
Graduated Carnegie Mellon University MSIT: Information Security & Assurance Currently Reading Books on TensorFlow
Comments
-
OptionsComputadora Member Posts: 69 ■■□□□□□□□□I found this link which may be useful, specifically, NSTISSI-4011, CNSSI-4012, CNSSI-4013, and CNSSI 4014 instructions.
UNCLASSIFIED Index -
Optionstpatt100 Member Posts: 2,991 ■■■■■■■■■□SANS has a bunch of templates, somebody here pointed me there a while back. NIST guidelines are good to follow also. Some of your requirements depend on the industry you work in but there is a lot of cross over.
-
Optionsdmoore44 Member Posts: 646Computadora wrote: »I found this link which may be useful, specifically, NSTISSI-4011, CNSSI-4012, CNSSI-4013, and CNSSI 4014 instructions.
UNCLASSIFIED Index
Cool! I appreciate the link - I had not come across that site yet.
I have come across a lot of the DoD IA directives and have copies of some of the policies from when I was in the Air Force, so I've been using them as guides for language and wording and such.
I checked SANS and NIST, but they didn't have what I was looking for (or I was kind of un-impressed).Graduated Carnegie Mellon University MSIT: Information Security & Assurance Currently Reading Books on TensorFlow