Hi! I need some suggestions of books which contain everything I need to know about writing IT related securities and policies. I’m also looking for sources of what type of documentation the IT department should be concerned with keeping. Lastly, can someone point me to info on companies who’ve faced litigation due to lack of policy documentation i.e. ECP?