The Standard of Good Practice for Information Security (the Standard) is the foremost authority on information security. It addresses information security from a business perspective, providing a practical basis for assessing an organisation’s information security arrangements.
The Standard represents part of the ISF's information risk management suite of products and is based on a wealth of material, in-depth research, and the extensive knowledge and practical experience of ISF Members worldwide.
The Standard is updated at least every two years in order to:
• respond to the needs of leading international organisations
• refine areas of best practice for information security
• reflect the most up-to-date thinking in information security
• remain aligned with other information security-related standards, such as ISO 27002 (17799), COBIT v4.1 and PCI DSS
• include information on the latest ‘hot topics’.
Information Security Forum (ISF)