The ISF’s Standard of Good Practice for Information Security (the Standard) is the most comprehensive information security standard available. It provides complete coverage of the topics set out in ISO/IEC 27002:2013, COBIT 5 for Information Security, the NIST Cybersecurity Framework, the CIS Top 20 Critical Security Controls for Effective Cyber Defense and the Payment Card Industry Data Security Standard (PCI DSS) version 3.1. It is used by many of the world’s leading organisations as their primary reference to manage information risk.
Our consultancy services will help you implement the Standard to:
- Apply a robust framework for information security that provides consistent risk-based protection across the organisation and in your supply chain
- Meet your regulatory and compliance requirements
- Be agile and exploit new business opportunities – whilst ensuring that associated information risks are managed to acceptable levels
- Respond to rapidly evolving threats
- Update internal security policies.
Following an external audit, a large multinational organisation was required to update and modernise its internal security policies. An ISF Consultant helped the company to use the Standard as the basis for an updated set of policies, procedures and guidelines that met the requirements of the auditors and regulatory bodies.