This paper has been prepared to provide those organizations wishing to demonstrate their compliance with various policy, legal, regulatory and other chosen standards with an understanding of how that may be accomplished through the implementation of an Information Security Management System (ISMS). The approach described considers a four-layer model which maps, or channels, the organization's goal conformity requirements into the overall ISMS model. In doing so the owner organization will build into their ISMS the specific controls and review processes to achieve and to be able to demonstrate their required compliance.
Did you find this white paper useful?
Related white papers
NAC 2.0: A new model for a more secure future
As organizations turn to network access control (NAC) technologies to protect their networks and data, the flaws of earlier versions of NAC are becoming apparent. New pressures from a constantly...
CISSP Prep Course
Prepare for the most important security certification with superior prep materials and test-taking tips. Description: The CISSP has clearly emerged as the key certification for security professionals. In fact, an informal survey...
The Impact of Strong Authentication on the Online Banking User Experience
Convention states that banks can't offer increased online security without impacting the user experience. Think again. With RSA banks can re-write the rules.Download Now: Discover the key to...
Regulatory Compliance: Business Opportunity/Technical Challenge
Good corporate governance has always been an essential part of running a successful enterprise. The ability to comply raises questions about the adequacy of information technology used within the enterprise...
Driving Toward Compliance
Compliance introduces a new level of corporate accountability in which flexibility is a key requirement. One in which consistency and control across ERP, supply chain, CRM, and financial systems is...
Reducing Total Cost of Security Ownership
The cost of security should be measured not only by list price, but in the sum total of operational performance, implementation, and ongoing management costs. IT is no longer shackled...
"Compliance Trends: Evolving Audit Expectations and Best Practices"
After the grueling exercise of preparing for the initial audits under the Sarbanes-Oxley Act, one can expect refinements in enforcement. As best practices emerge - along with a few failures...
