The Standard of Good Practice for Information Security is designed to help any organisation, irrespective of market sector, size or structure, keep the business risks associated with its information systems within acceptable limits. It is a major tool in improving the quality and efficiency of security controls applied by an organisation.
The Standard is based on over 16 years and US $75 million of investment in practical research and draws on the knowledge and experiences of the Information Security Forum's global members as well as building on other standards such as ISO 17799 and COBIT.
See full Summary and to obtain a free copy.