White Papers

The Simple Information Security Audit Process: SISAP

Overview

The SISAP (Simple Information Security Audit Process) is a dynamic security audit methodology fully compliant with ISO 17799 and BS 7799.2, and conformant with ISO 14508 in terms of its functionality guidelines. The SISAP employs a simulation-based rule base generator that balances risks and business value generation capabilities using the Plan-Do-Check-Act cycle imposed in BS 7799.2. The SISAP employs a concept proof approach based on 10 information security best practices investigation sections, 36 information security objectives, and 127 information security requirements, as specified in ISO 17799. To collect, analyze, and fuse audit evidence obtained at various audit steps, the auditor may apply selected analytical models such as certainty factors, probabilities, fuzzy sets, and basic belief assignments.


Publisher: Pace University
File Format: PDF
Date Published: May 13, 2008
Format: White Papers
Topics: Security Standards, Best Practices, Security Management

Similar White Papers

Demystifying the PCI Data Security Standard for Merchants

The Payment Card Industry Data Security Standard (PCI DSS) is a set of security practices set forth by American Express,

Publisher: ComplyGuard Networks  |  Tags: data, data security, pci, pci dss

Take a holistic approach to business-driven security

Corporate leaders face multiple challenges including the need to address compliance measures and protection against exte

Publisher: IBM

Gartner Report: Magic Quadrant for Secure Web Gateway, 2007

Interested in what analyst firm Gartner has to say about Blue Coat Secure Web Gateway solutions? Read its "Magic Quadra

Publisher: Blue Coat Systems  |  Tags: pcs

Social Networking: Brave New World or Revolution from Hell? A look at the phenomenon of Social Networking and the implications for Businesses

According to recent surveys, employee social networking is growing rapidly, on hot sites such as Facebook, LinkedIn and

Publisher: MessageLabs, now part of Symantec  |  Tags: enterprise security, social networking

Effective Security with a Continuous Approach to ISO 27001 Compliance

The Tripwire Enterprise solution provides organizations with powerful configuration control through its configuration as

Publisher: Tripwire