The Standard of Good Practice for Information Security (the Standard) is the foremost authority on information security. It addresses information security from a business perspective, providing a practical basis for assessing an organisation’s information security arrangements.
The Standard represents part of the ISF's information risk management suite of products and is based on a wealth of material, in-depth research, and the extensive knowledge and practical experience of ISF Members worldwide.
The Standard is updated at least every two years in order to:
• respond to the needs of leading international organisations
• refine areas of best practice for information security
• reflect the most up-to-date thinking in information security
• remain aligned with other information security-related standards, such as ISO 27002 (17799), COBIT v4.1 and PCI/DSS
• include information on the latest ‘hot topics’.
The Standard represents part of the ISF's information risk management suite of products and is based on a wealth of material, in-depth research, and the extensive knowledge and practical experience of ISF Members worldwide.
The Standard is updated at least every two years in order to:
• respond to the needs of leading international organisations
• refine areas of best practice for information security
• reflect the most up-to-date thinking in information security
• remain aligned with other information security-related standards, such as ISO 27002 (17799), COBIT v4.1 and PCI/DSS
• include information on the latest ‘hot topics’.
Features of the Standard:
Overview of the Standard: 
No hay comentarios:
Publicar un comentario