Posts Tagged ‘iso 27001’

ISO/IEC 27001 – BSI interviews Henk de Vries

BSI and the Rotterdam School of Management, Erasmus University, conducted a research study about ISO/IEC 27001 Information technology. Security techniques. BSI interviewed Henk de Vries, who is one of the experts behind the study.


How to decide between ISO 27001 Cert and ISO 27002 Compliance

Choosing between ISO 27001 certification and ISO 27002 compliance is an important decision for your organization. Continuous compliance with the standards may save you money in the short run, but ISO 27001 (ISMS) certification offers greater benefits in the long run. ISO compliance is a commitment for an organization [...]


Information Security Breaches: Avoidance and Treatment based on ISO27001

If you are running a business, you learn to expect the unexpected. Even if you have taken all the right precautions, your company might still find itself confronted with an information security breach. How would your business cope then?
There are lots of books that will tell you [...]


Do US companies do enough for their cyber security?

IT Governance Ltd, the ISO27001 and information security experts, have reported that they are making a number of free resources available for download from their US website to help US companies meet the challenges of increased cybercrime.
July 12, 2011 /24-7PressRelease/ — IT Governance Ltd, the ISO27001 and information security experts have reported that they [...]


Meet Stringent California Information Security Legislation with Comprehensive Toolkit

Three years ago, the California state IT council adopted the information security program guide, which helps organizations comply with SB 1386. The council advised using the ISO 27002 information security standard as a framework to comply with and meet the needs of SB 1386.
This legislation deals with the security of personal information and is applicable to all [...]


Long Awaited ISO/IEC 27003:2010

The long-awaited international standard for the implementation of an information security management system, ISO/IEC 27003:2010, is now available.

Key Features and Benefits:
The first standard to offer comprehensive guidance on implementing an ISO/IEC 27001:2005 ISMS. Using this standard during an ISMS implementation will [...]


What is a risk assessment framework

The Security Risk Assessment Handbook: A Complete Guide for Performing Security Risk Assessments
Definition – A risk assessment framework (RAF) is a strategy for prioritizing and sharing information about the security risks to an information technology (IT) infrastructure.
A good RAF organizes and presents information in a way that both technical [...]


2010 Compliance Laws

In 2010 there will be two important compliance laws introduced which will affect the majority of North American organizations and many global organizations too.
45 US states followed California when it introduced “SB1386”, the Security Breach Information Act, which has specific and restrictive privacy breach reporting requirements.

From the 1st January 2010, ALL [...]


Managing Risks and NIST 800-53

FISMA Certification & Accreditation Handbook
Organizations need to establish a security program to manage their day-to-day risks. Before selecting controls from standards such as NIST 800-53 or ISO 27002, organizations need to have a complete inventory of the assets involved in the scope. Assets involved in the scope would require a comprehensive [...]


Rise of cybercrime and management responsibility

According to an SF Chronicle article by Deborah Gage (May 8, 2009, c2), Consumer Reports magazine’s annual “State of the Net” survey finds that cybercrime has held steady since 2004, with one out of five consumers becoming victims in the last two years, at a cost to the economy of $8 billion. Consumer report can be [...]
