Security Procedure

PROGRAM CHANGE:
Accounting, Audit, Governance, Policies, Procedures, Regulatory Compliance, Revenue Assurance, Risk Assessment
ACCESS CONTROL:
Awareness & Training, Fraud & Phishing, Incident Management, Internet Security, Security, Service Management, Spam
COMPUTER OPERATION:
Backup & Restore, Contingency, Data Center, Disaster Recovery, Environmental Exposures, System Log
STANDARD:
British Standard, Certification, Cobit, Financial Institution, ISO Standard, ITIL, NIST-SP, Oil & Gas, Sarbanes Oxley, Standard, US Standard
FREE TOOLS:
Anti Phishing, Anti Spam, Anti Spyware, Anti Virus, Audit Tools, Data Removal, Encryption, Firewall, Forensics, Password, Secure Connection

User login

Who's new

ISO27001

ISO 27001 information Security Management System Checklist

in

Information Security Policy

Whether there exists an Information security policy, which is approved by the management, published and communicated as appropriate to all employees.
Whether the policy states management commitment and sets out the organizational approach to managing information security.
Whether the Information Security Policy is reviewed at planned intervals, or if significant changes occur to ensure its continuing suitability, adequacy and effectiveness.
Whether the Information Security policy has an owner, who has approved management responsibility for development, review and evaluation of the security policy.

Internal Organization

Read more
255 reads

Comparison between COBIT, ITIL and ISO 27001

in

Many friend of mine keep asking me about what is should be implemented first to improve their information system management: whether taking Cobit, ITIL, or ISO27001. And the next question usually which one is the easiest to be implemented in their company.

To be able to answer this question, let me tell you the definition of this three major standard in information system, who has a little bit difference in basic concept.

COBIT

Cobit is stand for Control Objective over Information and Related Technology. Cobit issued by ISACA (Information System Control Standard) a non profit organization for IT Governance. The Cobit main function is to help the company, mapping their IT process to ISACA best practices standard. Cobit usually choosen by the company who performing information system audit, whether related to financial audit or general IT audit.

ITIL

ITIL is stand for Information Technology Library. ITIL issued by OGC, is a set of framework for managing IT Service Level. Although ITIL is quite similar with COBIT in many ways, but the basic difference is Cobit set the standard by seeing the process based and risk, and in the other hand ITIL set the standard from basic IT service.

ISO27001

ISO27001 is much more different between COBIT and ITIL, because ISO27001 is a security standard, so it has smaller but deeper domain compare to COBIT and ITIL.

Read more
3053 reads

ISO/IEC 27001

in

ISO/IEC 27001 part of a growing family of ISO/IEC standards, the 'ISO/IEC 27000 series' is an information security management system (ISMS) standard published in October 2005 by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). Its full name is ISO/IEC 27001:2005 - Information technology -- Security techniques -- Information security management systems -- Requirements but it is commonly known as "ISO 27001".

It is intended to be used in conjunction with ISO/IEC 27002, the Code of Practice for Information Security Management, which lists security control objectives and recommends a range of specific security controls. Organizations that implement an ISMS in accordance with the best practice advice in ISO/IEC 27002 are likely simultaneously to meet the requirements of ISO/IEC 27001 but certification is entirely optional (unless mandated by the organization's stakeholders).

Read more
77 reads

Popular Downloads

more

Security Procedure

Popular Documents