- Engels
- Study
- nature & science
- informatica algemeen
- informatica algemeen
- OPEN INFORMATION SECURITY MANAGEMENT MATURITY MODEL (O-ISM3)
THE OPEN GROUP
OPEN INFORMATION SECURITY MANAGEMENT MATURITY MODEL (O-ISM3)
34,83incl BTW
Vertrouwd sinds 1927
Persoonlijke aandacht en advies
Vanaf 17,50 gratis verzenden NL & BE
Meer dan 150.000 artikelen online
Omschrijving OPEN INFORMATION SECURITY MANAGEMENT MATURITY MODEL (O-ISM3)
All businesses need information security to protect our systems from the risk of threats. This Open Information Security Management Maturity Model (O-ISM3) supports information security practitioners in this fundamental task by covering the key area
s required to minimise these threats:
? Risk Management : identifying and estimating levels of exposure to the
likelihood of loss and how to manage those risks of loss;
? Security Controls : crafting the IT Security Policy which assures
operations are as secure as they need to be;
? Security Management : supporting the selection, maintenance, and overall
Security Policy for the security controls deployed in a business enterprise.
The O-ISM3 standard focuses on the c
ommon processes of information security. It is technology-neutral, very practical and considers the business aspect in depth. This means that practitioners can use O-ISM3 with a wide variety of protection techniques used in the marketplace.
The distinctive benefits of O-ISM3 are:
? A fully process-based approach
It breaks information security management down into a comprehensive but manageable number of processes, with specifically relevant security control(s) being identified.
In addition it covers the principles of continuous improvement that O-ISM3 supports.
? Maturity coverage
O-ISM3 defines information security management maturity in terms of the
operation of an appropriate complementary set of ISM3 info
ation security
processes.
? A business approach
The coverage considers the business drivers and also the specific business challenges of outsourcing and partnering. The critical issue of how to translate key business objectives to secu
rity objectives and targets is covered in depth.
? Compatibility with ISO 9000 Quality Management
With similarities in structure and approach to quality management methods like ISO 9000, O-ISM3 also emphasises the practical and the mea
so that ISMSs can adapt without re-engineering in the face of changes to technology and risk.
? Compatibility with ISO/IEC 27000
ISM3 is compatible in many ways with the ISO/IEC 27000:2009 standard, in addition provides a comprehensive fram
work for selecting, implementing, and managing a set of security processes to meet measurable business goals.
? Compatibility with COBIT
O-ISM3 implementations use a management responsibilities framework consistent with the ISACA COBIT fram
work model.
? Compatibility with ITIL
ITIL users can use the O-ISM3 process orientation to strengthen their ITIL security processes
s required to minimise these threats:
? Risk Management : identifying and estimating levels of exposure to the
likelihood of loss and how to manage those risks of loss;
? Security Controls : crafting the IT Security Policy which assures
operations are as secure as they need to be;
? Security Management : supporting the selection, maintenance, and overall
Security Policy for the security controls deployed in a business enterprise.
The O-ISM3 standard focuses on the c
ommon processes of information security. It is technology-neutral, very practical and considers the business aspect in depth. This means that practitioners can use O-ISM3 with a wide variety of protection techniques used in the marketplace.
The distinctive benefits of O-ISM3 are:
? A fully process-based approach
It breaks information security management down into a comprehensive but manageable number of processes, with specifically relevant security control(s) being identified.
In addition it covers the principles of continuous improvement that O-ISM3 supports.
? Maturity coverage
O-ISM3 defines information security management maturity in terms of the
operation of an appropriate complementary set of ISM3 info
ation security
processes.
? A business approach
The coverage considers the business drivers and also the specific business challenges of outsourcing and partnering. The critical issue of how to translate key business objectives to secu
rity objectives and targets is covered in depth.
? Compatibility with ISO 9000 Quality Management
With similarities in structure and approach to quality management methods like ISO 9000, O-ISM3 also emphasises the practical and the mea
so that ISMSs can adapt without re-engineering in the face of changes to technology and risk.
? Compatibility with ISO/IEC 27000
ISM3 is compatible in many ways with the ISO/IEC 27000:2009 standard, in addition provides a comprehensive fram
work for selecting, implementing, and managing a set of security processes to meet measurable business goals.
? Compatibility with COBIT
O-ISM3 implementations use a management responsibilities framework consistent with the ISACA COBIT fram
work model.
? Compatibility with ITIL
ITIL users can use the O-ISM3 process orientation to strengthen their ITIL security processes
Specificaties
- MerkONBEKEND \ MERKLOOS
- GroepINFORMATICA ALGEMEEN(980)
- Barcode9789087536657
- LeverstatusActief
Reviews
0.0/5.0
Gemiddelde uit 0 reviews
Meest behulpzame reviews
Nog geen reviews geschreven