ISF Releases New Standards

Latest international standard helps companies to implement good practice in information security and mitigate information risks

October 16, 2007

2 Min Read
Network Computing logo

REDWOOD CITY, Calif. -- The Information Security Forum (ISF) today publicly launched the 2007 version of its international Standard of Good Practice for Information Security, which can be downloaded free of charge from www.isfstandard.com.

Aimed at major national and international organizations, the Standard provides a key resource for organisations committed to reducing the business risks associated with information systems. Drawing on the practical experiences of over 300 leading international organisations including many of the Fortune 100 companies, the Standard reflects the latest thinking on information security through workshops, face-to-face meetings and interviews, as well as the results of the ISF’s in-depth research and its comprehensive information security benchmarking tool – the Information Security Status Survey. Building on previous versions released over the last 10 years, the 2007 version includes all the latest ‘hot topics’ in information security such as wireless access, endpoint security, identity management, security architecture, desktop applications, spreadsheets, portable storage devices and Voice over IP networks (VoIPs).

Complying with the Standard can help organizations conform with other information security-related standards such as ISO/IEC 27002 and COBIT v4.1, as well as addressing the information security aspects of increasing legal and regulatory requirements, such as Sarbanes-Oxley Act, Payment Card Industry Data Security Standard (PCI/DSS) and the EU Directive on Data Protection.

“All organizations face an increasing challenge to manage information security risk and meet growing legislative and corporate governance requirements,” said Kim Aarenstrup, Chairman of the ISF and Group Head of Information Security at the A.P. Moller - Maersk Group. “By making the Standard of Good Practice freely available, our aim is to raise awareness of information security and improve policies, standards and procedures; and to help organisations undertake risk analysis, develop best practice controls and measure their effectiveness.”

Information Security Forum (ISF)

SUBSCRIBE TO OUR NEWSLETTER
Stay informed! Sign up to get expert advice and insight delivered direct to your inbox
Sign-Up

You May Also Like

More Insights
Webinars
More Webinars
Reports
More Reports

Editor's Choice

Nextgen network management
Network Management
Nextgen Network Management: What’s Next and Are We Ready?Nextgen Network Management: What’s Next and Are We Ready?
byMary E. Shacklett, President, Transworld Data
May 27, 2024
4 Min Read
SASE Explained: Definition, Benefits, and Best Practice
SASE Networking
SASE Explained: Definition, Benefits, and Best PracticeSASE Explained: Definition, Benefits, and Best Practice
bySalvatore Salamone, Managing Editor, Network Computing
May 1, 2023
22 Min Read
NaaS 2024: A Look at the Future of Network Services
Network Infrastructure
NaaS 2024: A Look at the Future of Network ServicesNaaS 2024: A Look at the Future of Network Services
byPascal Menezes, MEF
Mar 22, 2024
5 Min Read
Webinars
More Webinars
White Papers
More White Papers
Reports
More Reports
Live Events
More Live Events
May 2, 2024
While there are plentiful options in cyber resiliency and business continuity tools and platforms, there isn’t one that can knock out everything from sudden cloud outages to prolonged ransomware attacks in a single punch. What can you do to keep the company on its feet no matter what is thrown at it? Find out in this new virtual event.
Reserve Your Seat