Part 1: security policy and organizational structure; personnel and responsibilities; access control and cryptographic controls; information flow control; security of stored data; monitoring and audit trails; military and commercial security. Part 2: risk analysis and management; conventional computer security risk analysis and management; Courtney Technique of risk analysis; Cramm risk analysis. Part 3: physical security; access control; personal computer security; contingency planning; insurance. Part 4: network security; security on IBM systems; OSI security. Part 5: identify and authentication of the user PINS; privacy, integrity and authentication of financial messages; financial network security. Part 6: communications and logical security; physical security of office systems; procedural and personnel security. Part 7: data protection; legal protection of information assets; computer crime; law and personnel.
