The ISF’s Standard of Good Practice for Information Security 2018 (the Standard) is the most comprehensive information security standard available. It provides complete coverage of the topics set out in ISO/IEC 27002:2013, NIST Cybersecurity Framework, CIS Top 20, PCI DSS and COBIT 5 for Information Security. It is used by many of the worlds leading organisations as their primary reference to manage information risk.
Our consultancy services will help you implement the Standard to:
- Apply a robust framework for information security that provides consistent risk-based protection across the organisation and in your supply chain
- Meet your regulatory and compliance requirements
- Be agile and exploit new business opportunities – whilst ensuring that associated information risks are managed to acceptable levels
- Respond to rapidly evolving threats
- Update internal security policies.
Following an external audit, a large multinational organisation was required to update and modernise its internal security policies. An ISF Consultant helped the company to use the Standard as the basis for an updated set of policies, procedures and guidelines that met the requirements of the auditors and regulatory bodies.
Please fill out the form below to download a complimentary Executive Summary.