Information Security Experts Say…

Most Recommended by Security Pros!

Information Security Policies Made Easy is the leading policy development resource recommended by top experts in information security and data privacy.  Below is a sample of the outstanding reviews we have received:

“If I could have only six books in my professional library, this would be one of them.”

Dr. Harold Highland
Editor, Emeritus of Computers & Security magazine

“Information Security Policies Made Easy (ISPME) is one of the most
important information security books available for those who are serious about
creating a comprehensive set of information systems security policies. Given the
dynamic nature of technology, very few technology books can stand the test of
time and remain relevant for a few years, let alone a decade after their
original printing.”

Ben Rothke CISSP, CISM
Director – Security Technology Implementation, AXA Technology Services

“The [ISPME] guidelines
have saved three months of manual effort that would have been required
to research and write policies.”

Douglas Feil
EDP Audit Manager, City & County of San Francisco,
Management Systems & Strategies

“It gave us everything we needed
to help us write standards and communicate [policies] in
a clear, concise manner with no ambiguity or technical jargon …
the book paid for itself in two weeks.”

Jonah Goldsmith
Data Security Consultant to Large Medical Insurance Company,
LAN Times

you are an auditor, business security or InfoSec specialist, part
of corporate management or other business professional, and want
to be sure you have a strong foundation for your InfoSec program,
you must get and use this book. This book contains not only policies
but also a guideline on how to use the policies; provides matrices
that make it easier to understand how they all fit together; and
many useful appendices. Some may say that this book is too expensive
and one can find cheaper books of InfoSec policies. If you go cheap
you get cheap. Can you afford to do that when mistakes can be costly
and when the protection of your company’s information and competitive
edge may be at stake? Buy this book, use it and start building a
comprehensive InfoSec program for your company.”

Dr. Gerald L. Kovacich

“Information Security Policies Made Easy is an indispensable
tool for anyone who needs to develop a HIPAA security policy. Those
who are familiar with the hardbound version of the classic work
by Charles Cresson Woods will be amazed by this interactive format.
Navigation aids such as the ‘find’ command allowed me to cut my
development time considerably.”

Harry E. Smith, CISSP, Co-Founder
PrivaPlan Associates, Inc.

“This is the gold standard Policy reference for any serious security practitioner
to have in their arsenal of tools, a must have! The instructions
and examples for establishing security polices and implementation
processes add real value to this edition.”

John B. Kramer, CISSP, CISA
Information Security Manager – UPMCHS

“Wood has created a complete kit of proven best practices that any organization
can use and customize to make policies meeting their exact needs.”

Jay Heiser
Columnist, Information Security magazine.

“In 1993, I was asked to develop my first information security policy.
I began by cutting and pasting a series of thoughts and calling
that a policy. Usually these policies were rejected by management.
To ensure that my organization had strong Information Security policies
in place, I purchased a copy of Information Security Policies Made
Easy. Quickly I learned that creating a policy was a process that
included writing policies, editing policies, obtaining management
approval, communicating policies, and implementing controls to meet
the policy requirements. The book provides the reader with the tools
necessary to develop policies, including an easy to use CD (fully-linked
and searchable).”

Diana-Lynn Contesti, CISSP, SSCP
Information Security Officer – Dofasco Inc.

“Charles Cresson Wood…is an expert’s expert, and knows more about
computer security policies than anyone I know.”

Michael Alexander
Editor, Datamation

“This book is invaluable to those responsible for creating or maintaining an information security policy manual or similar documents.”

Belden Menkus
Editor, EDPACS