I need your help. I need a good outline for strategic IT security plan standards and guidelines, and other requirements needed to support an IS business continuity plan.
Time and again I have seen articles relating to all of this, but unfortunately when I'm looking for this stuff I cannot find it readily. Please provide me some tips, suggestions and ideas where I can easily access it.
Although there may not be one best place to gather this information from
for your organization, there are several excellent places to start. The
first you should probably look at first for developing an information
security framework is the ISO/IEC 17799 standard. You can purchase it at
www.iso.ch. Other good resources that you could benefit from are the
IETF RFC 2196 Site Security Handbook
(ftp://ftp.isi.edu/in-notes/rfc2196.txt) and the following NIST special
SP 800-18 guide for developing security plans for information technology systems
SP 800-34 contingency planning guide for information technology systems
For more information on this topic, visit these other SearchSecurity.com resources:
This was first published in April 2003