Getting Started with ISO/IEC 27000
The ISO/IEC 27000 series includes information security standards published jointly by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). The series comprises a family of information security standards that includes ISO 27001 and ISO 27002, among others.

Why is ISO 27000 such an important standard in the world of information security? The ISO 27000 series provides best practice recommendations on information security management, risks and controls within the context of an overall Information Security Management System (ISMS). It is applicable to organizations of all types and sizes, across industries. The ISMS concept integrates continuous feedback and improvement activities, summarized by a "Plan-Do-Check-Act (PDCA)" approach.

In this executive brief, we focus on the two standards that influence information security initiatives worldwide: ISO 27001 and ISO 27002. The ISO 27001 International Standard sets out requirements related to security techniques for information technology and information security management systems. It was developed to provide a model for establishing, implementing, operating, monitoring, reviewing, maintaining and improving an ISMS. ISO/IEC 27002 provides best practice recommendations on information security management for use by those who are responsible for initiating, implementing or maintaining an ISMS.

Your organization may be impacted by regulations such as the Health Insurance Portability and Accountability Act (HIPAA) and possibly other regulations such as the Payment Card Industry's Data Security Standard (PCI's DSS) or U.S. State requirements. The ISO 27001 standard is an important reference and an excellent framework in the world of information security. It is one of several standards developed by the International Standards Organization (ISO) in the area of information security.
-- Uday Ali Pabrai, CISSP (ISSAP, ISSMP), Security+, is the chief executive of ecfirst, an Inc. 500 business. A highly sought-after information security and regulatory compliance expert, he has successfully delivered solutions on compliance and information security to hundreds of organizations worldwide. Mr. Pabrai has presented opening keynotes and been a featured speaker at several conferences. Mr. Pabrai is a member of the U.S. FBI InfraGard. Source: SEO Blog

