本文共 1843 字,大约阅读时间需要 6 分钟。
The Information Systems Assessment (ISSAF) seeks to integrate the following management and internal control checklists:
-Evaluate the organizations policies & processes to report on their compliance with IT industry standards, and applicable laws and regulatory requirements
-Identify and assess the business dependencies on infrastructure services provided by IT-Conduct vulnerability assessments & penetration tests to highlight system vulnerabilities that could result in potential risks to information assets-Specify evaluation models by security domains to :-Find mis-configurations and rectify them-Identifying risks related to technologies and addressing them-Identifying risks within people or business processes and addressing them-Strengthening existing processes and technologies-Provide best practices and procedures to support business continuity initiativesBenefits of ISSAF
-The ISSAF is intended to comprehensively report on the implementation of existing controls to support IEC/ISO 27001:2005(BS7799), Sarbanes Oxley SOX404, CoBIT, SAS70 and COSO, thus adding value to the operational aspects of IT related business transformation programmes.
-Its primary value will derive from the fact that it provides a tested resource for security practitioners thus freeing them up from commensurate investment in commercial resources or extensive internal research to address their information security needs.-It is designed from the ground up to evolve into a comprehensive body of knowledge for organizations seeking independence and neutrality in their security assessment efforts.This is not but posters of information security awareness use it impress your boss, colleague , clients etc ..
Download Information Systems Security Assessment
download:http://www.oissg.org/custom/information-security-awareness-poster-3.html
转载地址:http://ywqmb.baihongyu.com/