Risk Associates
|
|
DOWNLOAD - CONTACTS
Resources for Security Risk Analysis, ISO 17799 / BS7799
|
|
BCP Generator
|
|
The keys to sound security are often considered to be: deployment of a sensible security risk analysis approach, compliance with a recognized standard such as ISO17799 or BS7799, development of comprehensive information security policies and deployment of a detailed security audit programme.
But where to start? Security risk analysis is often presented in a confusing and over-complicated manner, ISO 17799 or BS7799 compliance can seem a daunting task, security policies can be totally ignored in practice, and security audit is sometimes less effective than it should be due to over-stretching of busy audit professionals.
This web site is intended to provide a launch pad to help alleviate these difficulties. For each of these issues in turn, we direct you to a site that details a proven approach and commonly used tool.
Whether you need a security risk analysis method/product, guidance on how to achieve compliance with ISO 17799, BS7799 or your own IT security policies, or whether you simply wish to increase the productivity of your security audit team, the resources below should help.
Before considering HOW to embrace security risk analysis, it is essential to understand WHAT it is. The following site provides an excellent introduction to the topic:
Introduction to Security Risk Analysis
For a shorter and more sales focused description, visit:
Information security policies are all too often well written and then generally ignored. But there are methods to help prevent this and manage compliance enterprise wide. The following site considers a technique and method to help address this frustrating problem:
A comprehensive set of ISO 17799 compliant pre-written security policies is available for download from the following site:
Compliance with ISO 17799 and BS7799 is of growing importance. But.... it is a substantial task. The scale of the job can be reduced, however, by employing a formal approach and proven product.
The following site describes an approach consistent with that covered above for risk analysis:
A security auditor's lot can be a very difficult and overworked one. But it IS possible to make security audit a more managed process and simultaneously improve productivity WITHOUT reducing effectiveness. The following site introduces an automated tool used by many organizations to achieve this:
Getting a handle on security risk analysis, BS7799 / ISO 17799, security policies and security audit is critical in ensuring that appropriate security is delivered as productively and effectively as possible. The above sites should help you to achieve this.
If, however, you need further assistance or guidance, please contact us
|
|
|
|