How secure is your organisation’s information? At any given moment, can a security leader look an executive in the eye and tell them how well business processes, projects and supporting assets are protected?

The full Establishing A Business-Focused Security Assurance Programme: Confidence In Controls report, provides guidance on how to develop a security assurance programme that builds on compliance-based approaches, to truly focus on the needs of the business. It outlines the need for change towards a business-focused approach and introduces three fundamental elements, that underpin successful business-focused security assurance.

The ISF approach set out in this report helps to:

  • identify the exact requirements business stakeholders have when discussing security assurance
  • break down these requirements into manageable tasks
  • determine which type of testing and data collection can help to provide security assurance
  • apply a repeatable security assurance process across multiple target environments (i.e. business processes, projects and supporting assets, in specific business units and regions or across the organisation)
  • choose relevant metrics and key indicators to measure and report on security performance

For further information and a high level overview of the full report download our complimentary Executive Summary.

If you would like to access the full report and are not an ISF member, please contact our team.

Executive Summary and Press Release

Establishing A Business-Focused Security Assurance Programme: Confidence In Controls

Please fill out the form below to download a complimentary Executive Summary and Press Release .

Please provide your details to download this document:

The Information Security Forum (ISF) is a data controller for the personal data collected on this website.

For information on how we collect and use your personal data, please read our Privacy Notice.

From time to time, the ISF would like to contact you regarding our latest products, services and events.

By ticking the relevant boxes below, please indicate your preferences on how you want to be contacted:

You can update your preferences at any time, or withdraw consent after submission by going to the ‘Already Registered’ tab.

Please check this box to confirm that you have read and agree with our Privacy Policy and Terms Of Use

Please enter the email address you previously registered with to access the download:

You have previously downloaded from our website. For more information on how we use your personal information, please see our Privacy Notice.

Please refamiliarise yourself with our Terms Of Use.

To update your preferences on how you would like to be contacted by the ISF, please indicate below:

To unsubscribe from all ISF communications. Click here: