Posts Tagged ‘iso assessment’

Meet Stringent California Information Security Legislation with Comprehensive Toolkit

Three years ago, the California state IT council adopted the information security program guide, which helps organizations comply with SB 1386. The council advised using the ISO 27002 information security standard as the framework for meeting the requirements of SB 1386. This legislation deals with the security of personal information and is applicable to […]


Way beyond the edge and de-perimeterization

The term de-perimeterization has been around for almost a decade, and the industry is finally taking it seriously because of the popularity of virtualization and cloud computing. Is it time for businesses to embrace de-perimeterization? De-perimeterization is a double-edged sword for the industry: it creates scalable options for operations and huge challenges for safeguarding […]


Control selection and cost savings

Information Security Risk Analysis

In risk management, the risk treatment process begins after completion of a comprehensive risk assessment. Once risks have been assessed, the risk manager uses the following techniques to manage the risks: • Avoidance (eliminate) • Reduction (mitigate) • Transfer (outsource or insure) • Retention (accept and budget). Now the question is how to […]


SB1386 and ISO27002

In April 2007, the California state IT council adopted the information security program guide, which helps organizations comply with SB 1386. The council advised using the ISO 27002 information security standard as the framework for meeting the requirements of SB 1386. Which businesses are affected by the SB 1386 law? o If […]


ISO27k and compliance

A security review is performed to identify and analyze risks and weaknesses in the current security posture of an organization. An ISO assessment is performed using the international standard ISO 27002 and the company security policy. The purpose of the review is to evaluate the information security posture of an organization against the international standard. The level of […]
