What ISO 17799 is and is not

Information security is defined as the preservation of confidentiality, integrity, and availability. It is achieved by implementing controls, which may be policies, practices, procedures, organizational structures, or software functions (ISO 17799). ISO 17799 offers guidelines for safeguarding information assets by providing a list of information security controls. The standard contains 127 controls from 10 areas, which are listed later in this paper. Controls can be designated as organization-level or application-level controls. Organization-level controls apply to the security perimeter in which an organization operates and are needed for effective web application security. Application-level controls apply to individual web applications.

ISO 17799 suggests what security controls to include in a security program, but does not specify how to develop or administer them. It is not a technical standard, nor is it driven by specific technology. It does not provide a scoring mechanism or other methods for evaluation. However, it is said to be compatible with the Equipment Assurance Level (EAL) scoring of the Common Criteria, ISO 15408 (Bisson, St. Germain; Carlson, 2001).

ISO 17799 recommends that the selection of controls an organization employs be determined by: a) a risk assessment, b) legal, statutory, regulatory, and contractual requirements, and c) an organization's particular set of principles, objectives, and requirements for information processing. Although the standard places a very strong emphasis on the need for a risk assessment, it does not provide guidelines for conducting one. However, COBRA is a software tool (unofficially) associated with ISO 17799 that is used to facilitate risk assessments (C&A Security Risk Analysis Group, 2003). ISO 17799 also does not provide security guidelines for specific legislation.
Instead, it provides guidelines on safeguarding organizational records, which may be required as evidence in legal proceedings.
Posted on: Tue, 24 Sep 2013 05:32:18 +0000
