return to tools

Standard of Good Practice for Information Security 2020

riskhot topicsemerging threatsransomwaretechnologygovernancesupply chaincloudcompliancepeopleai
Standard of Good Practice for Information Security 2020
Download the executive summary

The goal of every information security professional is to enable the organisation to conduct its business safely and securely, and to successfully avoid threats. But between all of the research, planning, and meetings, and a secure operating environment, lies a critical link: the organisation’s security policies and standards.

The Standard of Good Practice for Information Security 2020 (SOGP 2020) provides a business-orientated focus on current and emerging information security issues and helps organisations develop an effective framework for information security policies, standards and procedures.

This latest edition of the SOGP includes new or enhanced coverage of the following Categories, Areas and Topics: Security Workforce, Core Cloud Security Controls, Security Operation Centres, Mobile Application Management, Asset Registers, Security Assurance, Supply Chain Management and Security Event Management.

SOGP 2020 is used by ISF Members to:

  • improve resilience against the ever-changing threat landscape
  • provide a foundation for your information risk assessments
  • validate information security arrangements in the supply chain
  • support compliance with major information security related standards
  • form a basis for policies, standards and procedures.