About the Author

Among other things, Mr. Desman discovered early on that the basis for any program is in a complete set of policies and procedures. Where his approach diverged from the mainstream was with the notion that the populace in general ought to be made aware of this body of irrefutable knowledge, and once they have found themselves knee deep in it, they should be able to understand it. These two characteristics, and the explanations as to how to put documentation in this form, are the main thrust of this book. Perhaps most important is the notion he holds that information security is a people issue, rather than a technical one. To be sure, we use technical tools to resolve the problem areas, but we must rely on the knowledge and cooperation of the people involved for any program to be successful.