I need your help. I need a good outline for strategic IT security plan standards and guidelines, and other requirements...
needed to support an IS business continuity plan.
Time and again I have seen articles relating to all of this, but unfortunately when I'm looking for this stuff I cannot find it readily. Please provide me some tips, suggestions and ideas where I can easily access it.
Although there may not be one best place to gather this information from for your organization, there are several excellent places to start. The first you should probably look at first for developing an information security framework is the ISO/IEC 17799 standard. You can purchase it at www.iso.ch. Other good resources that you could benefit from are the IETF RFC 2196 Site Security Handbook (ftp://ftp.isi.edu/in-notes/rfc2196.txt) and the following NIST special publications:
SP 800-18 guide for developing security plans for information technology systems
SP 800-34 contingency planning guide for information technology systems
For more information on this topic, visit these other SearchSecurity.com resources:
Dig Deeper on Information security policies, procedures and guidelines
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.