ISO for Information Security

The ISO/IEC 17799:2000 provides recommendations and voluntary guidelines for information security management. It is the code of practice for information security management.

Information refers to any type. It can be paper based, digital, conversation, etc. Information security is about availability, confidentiality and integrity.

Some topics of ISO/IEC 17799:2000 include:

• Organizational security policy
• Organizational security infrastructure
• Asset classification and control
• Security personnel
• Physical security
• Access control
• Communications management
• Systems development and maintenance
• Business continuity
• Compliance

Resources:
1. National Institute of Standards and Technology’s (NIST’s) Information Technology Laboratory
2. www.iso.org

Additional info about information security:

Information Technology for Banks

Banking Technology - Resource for Banks and Financial Institutions
Online resource on information technology solutions for banks and financial companies. Buyer's guide to banking applications, crm, risk management systems and more.