Organizations seeking certification against ISO 27001 can save considerable time and effort using pre-written information security policies from Information Shield. ISPME Version 10 provides complete policy coverage for the eleven information security domains of ISO 17799:2005. ISPME facilitates a risk-based approach to information security programs by not only defining policies for risk assessments, but by including risk statements and discussion for each of the over 1300 controls within the library. Along with its companion publication, Information Security Roles and Responsibilities Made Easy, ISPME allows an organization to quickly demonstrate management's support for information security in clear and concise policy documents and written functional job requirements.
Did you find this white paper useful?
Related white papers
Eroding Spam Filter Effectiveness: Bad for Business
As spammers and scammers continually introduce new and more sophisticated distribution techniques, organizations continue to see tremendous increases in spam and other email-borne threats--and the attacks are getting increasingly difficult...
Accelerating Secure Business Applications Podcast
Download this Riverbed Connect podcast and listen as Bob Gilbert discusses with Mark Day, Riverbed's Chief Scientist, the details involving SSL encryption, SSL's impact on WAN optimization, and new wide-area...
Outbound Email and Data Loss Prevention in Today's Enterprise, 2008
How concerned are companies about the content of email leaving their organizations? And how do companies manage the legal and financial risks associated with outbound email? To find out, Proofpoint...
Extended Description Techniques for Security Engineering
There is a strong demand for techniques to aid development and modelling of security critical systems. Based on general security evaluation criteria, we show how to extend the system structure...
A Calculus for Cryptographic Protocols
We introduce the spi calculus, an extension of the pi calculus designed for describing and analyzing cryptographic protocols. We show how to use the spi calculus, particularly for studying authentication...
Trust Web Services and XML Security Standards
Web services are self-contained, modular applications that can be described, published, located, and invoked over the Internet. Web services perform well-defined functions both for applications and other Web services, which...
Critics Blast FCC Wiretap Specs
Sweeping standards announced by the Federal Communications Commission would make all common carriers, including cable operators and utilities offering telecommunications services, subject to a controversial 1994 digital wiretap law. Critics...
