Problem solve Get help with specific problems with your technologies, process and projects.

Strategic IT security plan standards

I need your help. I need a good outline for strategic IT security plan standards and guidelines, and other requirements needed to support an IS business continuity plan.

Time and again I have seen articles relating to all of this, but unfortunately when I'm looking for this stuff I cannot find it readily. Please provide me some tips, suggestions and ideas where I can easily access it.

Although there may not be one best place to gather this information from for your organization, there are several excellent places to start. The first you should probably look at first for developing an information security framework is the ISO/IEC 17799 standard. You can purchase it at www.iso.ch. Other good resources that you could benefit from are the IETF RFC 2196 Site Security Handbook (ftp://ftp.isi.edu/in-notes/rfc2196.txt) and the following NIST special publications:
SP 800-18 guide for developing security plans for information technology systems
SP 800-34 contingency planning guide for information technology systems

For more information on this topic, visit these other SearchSecurity.com resources:
  • Ask the Expert: Differentiating between policies, standards, proceedures and technical controls
  • Ask the Expert: Standards vs. policies
  • Security Policies Tip: Security -- The Common Criteria

  • This was last published in April 2003

    Dig Deeper on Information security policies, procedures and guidelines

    Have a question for an expert?

    Please add a title for your question

    Get answers from a TechTarget expert on whatever's puzzling you.

    You will be able to add details on the next page.

    Start the conversation

    Send me notifications when other members comment.

    Please create a username to comment.