Friday, June 14, 2019

Differences and Similarities between Existing Security Standards Essay

As discussed before, information protection measures are essential for safeguarding the data and assets of a business. Businesses therefore need to be fully prepared to devote additional resources to protecting data and information assets, and information security has to be a top concern for both governments and businesses (Government of the HKSAR, 2008). In addition, the ISO (International Organization for Standardization) has been offering directions and guidelines for customers, businesses, trade officials, governments and developing nations since its establishment in 1947. All that knowledge goes into the building of new standards and the fostering and enhancement of available information security standards. In this scenario, ISO 9000, the quality management standard, is still probably the most recognizable ISO standard to American businesses because of its popularity in the United States throughout the late 1980s and early 1990s. However, many leading security standards have emerged with the passage of time.
For instance, the whole 27000 series is intended to cover numerous areas of information security as well as risk management (JBwGroup, 2009; Government of the HKSAR, 2008):

ISO 27000: Information Security methods, basics and vocabulary
ISO 27001: Information Security Management System Requirements (available 10/2005)
ISO 27002: Code of Practice (available 06/2005)
ISO 27003: Planned ISMS Implementation
ISO 27004: Directions intended for Information Security Management Metrics and Measurement
ISO 27005: Guide intended for Risk Management (available 06/2008)
ISO 27006: Worldwide Accreditation Requirements (available 03/2007)

Business corporations that have adopted an ISMS and attained independent third-party certification of their information security plans have gained a number of strategic benefits (JBwGroup, 2009; Government of the HKSAR, 2008). From the information security standards listed above, I have chosen ISO/IEC 27001. ISO 27001, or ISO/IEC 27001:2005, is typically referred to as the best practice specification that helps businesses and corporations throughout the globe build a best-in-class information security management system (ISMS). These security standards were published jointly by the ISO and the International Electrotechnical Commission (IEC). The British standard BS7799-2 was the predecessor of ISO 27001 (IT Governance Ltd., 2011; WikiBooks, 2009; Arnason & Willett, 2008; ISO, 2011; Praxiom Research Group Limited, 2011). In this information technology based age, information and information systems are very important for businesses. Keeping this fact in mind, ISO 27001 establishes specific requirements that have to be followed, and it is against those requirements that organizations' information security management systems are audited and certified.
In addition, ISO 27001 is intended to harmonize with ISO 14001:2004, ISO 9001:2008, ISO 20000 and various other standards established for efficient management system integration. In this scenario, the ISO 27001 standard allows organizations to produce a structure for complying with many regulatory standards. Additionally, all United Kingdom businesses have to obey the following standards
