The Standard of Good Practice for Information Security 2016 (the Standard) provides comprehensive controls and guidance on current and emerging information security topics enabling organisations to respond to the rapid pace at which threats, technology and risks evolve.

Implementing the Standard helps organisations to:

– Identify how regulatory and compliance requirements can be met

– Respond to rapidly evolving threats, including sophisticated cyber security attacks by using threat intelligence to increase cyber resilience

– Be agile and exploit new opportunities – while ensuring that associated information risks are managed to acceptable levels.

The latest edition of the Standard includes the introduction of topics such as: Threat Intelligence, Cyber Attack Protection and Industrial Control Systems, as well as, significant enhancement of existing topics including: Information Risk Assessment, Security Architecture and Enterprise Mobility Management.

The Standard, along with the ISF Benchmark; a comprehensive security control assessment tool, provide complete coverage of the topics set out in ISO/IEC 27002:2013, COBIT 5 for Information Security, NIST Cybersecurity Framework, CIS Top 20 Critical Security Controls for Effective Cyber Defense and Payment Card Industry Data Security Standard (PCI DSS) version 3.1.

Executive Summary and Press Release

The ISF Standard of Good Practice for Information Security

Please fill out the form below to download a complimentary Executive Summary and Press Release.

Please provide your details to download this document:

The Information Security Forum (ISF) is a data controller for the personal data collected on this website.

For information on how we collect and use your personal data, please read our Privacy Notice.

Please read and agree with our Terms Of Use.

From time to time, the ISF would like to contact you regarding our latest products, services and events.

By ticking the relevant boxes below, please indicate your preferences on how you want to be contacted:

You can update your preferences at any time, or withdraw consent after submission by going to the ‘Already Registered’ tab.

Please enter the email address you previously registered with to access the download:

You have previously downloaded from our website. For more information on how we use your personal information, please see our Privacy Notice.

Please refamiliarise yourself with our Terms Of Use.

To update your preferences on how you would like to be contacted by the ISF, please indicate below:

To unsubscribe from all ISF communications. Click here: