
Information Security Standards


In the context of information security policies, the term "standard" is used to distinguish between written policies, standards, and procedures. Businesses need to maintain these three kinds of documentation to secure their work environment. Policies are high-level rules or statements about securing systems or people. (For instance, a policy will state that "XYZ Company will maintain secure passwords.")

A "standard" is a prescription for the ways in which a company enforces a policy. (For instance, passwords should have eight characters and should include one number.)

A "procedure" is a method of implementing a standard. (For instance, XYZ Company will enable the password length requirement on Windows systems.)

Here, the term "standard" is used differently: it refers to information privacy and security frameworks such as COBIT or ISO/IEC 27002.

IT Governance Standards -

• ISO/IEC 27000 (Information Security Management Systems) - The document offers an overview of the ISO/IEC 27000 family, which contains inter-related guidelines and standards that are either already published or in progress. Additionally, it contains numerous structural components.

• ISO 27001 - The document provides the ISO standard for establishing, implementing, maintaining, and improving an Information Security Management System in the context of the organization.

• ISO 27002 - The document introduces a code of practice for information security controls.

• COBIT - COBIT stands for Control Objectives for Information and Related Technology. It is published by the Standards Board of ISACA (Information Systems Audit and Control Association) and offers a control framework for the management and governance of enterprise IT.

• British Standard 7799 Part 3 - Published by BSI Group, it is a set of guidelines for Information Security Risk Management.

• ITIL or ISO/IEC 2000 series - These documents introduce best practices for IT Service Management (ITSM) and focus on IT service processes. They also consider the central role of the user.

• ISO/IEC 15408 or Common Criteria - It is a set of criteria established by, and aligned with, the national security standards organizations of Canada, France, Australia, Germany, Netherlands, New Zealand, Japan, UK, US, and Spain.

• SANS Security Policy Resource - Developed by the SANS Institute, these resources are made for the rapid development and implementation of information security policies.

• National Information Security Technology Standard Specification - The webpage introduces a set of national information security standards issued by the Technical Committee of National Information Security Standards. Authentication, authorization, information security evaluation, and information security management are some of the standards included in this set.

