The goal of every information security professional is to enable the organisation to conduct its business safely and securely, and to successfully avoid threats. But between all of the research, planning, and meetings, and a secure operating environment, lies a critical link: the organisation’s security policies and standards.

The Standard of Good Practice for Information Security 2020 (SOGP 2020) provides a business-orientated focus on current and emerging information security issues and helps organisations develop an effective framework for information security policies, standards and procedures

This latest edition of the SOGP includes new or enhanced coverage of the following Categories, Areas and Topics: Security Workforce, Core Cloud Security Controls, Security Operation Centres, Mobile Application Management, Asset Registers, Security Assurance, Supply Chain Management and Security Event Management.

SOGP 2020 is used by ISF Members to:

  • improve resilience against the ever-changing threat landscape
  • provide a foundation for your information risk assessments
  • validate information security arrangements in the supply chain
  • support compliance with major information security related standards
  • form a basis for policies, standards and procedures.

This Executive Summary, aimed at executive management provides an overview of how ISF Members use the Standard of Good Practice for Information Security 2020 (SOGP 2020) to respond to rapidly evolving threats, technology and compliance.

Make SOGP 2020 Work For You

Optimise your use of SOGP 2020 with training from ISF Learning. Find out more by filling out the form below.

Executive Summary

Standard of Good Practice for Information Security 2020

Please fill out the form below to download a complimentary Executive Summary.