本文共 1843 字，大约阅读时间需要 6 分钟。

The Information Systems Assessment (ISSAF) seeks to integrate the following management and internal control checklists:

-Evaluate the organizations policies & processes to report on their compliance with IT industry standards, and applicable laws and regulatory requirements

-Identify and assess the business dependencies on infrastructure services provided by IT-Conduct vulnerability assessments & penetration tests to highlight system vulnerabilities that could result in potential risks to information assets-Specify evaluation models by security domains to :-Find mis-configurations and rectify them-Identifying risks related to technologies and addressing them-Identifying risks within people or business processes and addressing them-Strengthening existing processes and technologies-Provide best practices and procedures to support business continuity initiatives

Benefits of ISSAF

-The ISSAF is intended to comprehensively report on the implementation of existing controls to support IEC/ISO 27001:2005(BS7799), Sarbanes Oxley SOX404, CoBIT, SAS70 and COSO, thus adding value to the operational aspects of IT related business transformation programmes.

-Its primary value will derive from the fact that it provides a tested resource for security practitioners thus freeing them up from commensurate investment in commercial resources or extensive internal research to address their information security needs.-It is designed from the ground up to evolve into a comprehensive body of knowledge for organizations seeking independence and neutrality in their security assessment efforts.

This is not but posters of information security awareness use it impress your boss, colleague , clients etc ..

Download Information Systems Security Assessment

 

download:http://www.oissg.org/custom/information-security-awareness-poster-3.html

转载地址：http://ywqmb.baihongyu.com/