Print
Michalsons Information Security Policy Framework
03/11/2009 – 12:18 pm by Lance MichalsonWhen we review information security policies, we have particular objectives and follow a specific framework we have developed. Our framework is based on SANS 27001 and SANS 27002 (”the South African Standards”), our own expertise and experience in the area of information security, information management, law and risk management[1] taking into account controls which are necessary to support the legal standards of foreseeability and the duty of care.
This article is only available to Michalsons Clients. To continue reading this article, please either:
- Log in on the right if you have already registered OR
- Register now if your are an existing Michalsons Client and we will notify you by email once access has been approved after we have authenticated you.
——————————
[1] For example
- we were co-authors of the “Information Security Best Practice Guide” to King II on the instructions of the Institute of Directors who are responsible for King II
- we are members of the IT Governance sub-committee for King III
- Michalsons and/or its consulting arm, iForest, have advised on, reviewed and drafted information security policies for several organisations including banks, insurance companies, munipalities, publishing houses, universities, the SABC and the SA Post Office.
Similar Posts:
- IT Governance Legal Framework
- Legal Procedures Framework
- Reasons for conducting an IT Governance Legal Audit
- Michalsons Information Security Services
- Comply with the ICT laws that apply to you
Sorry, comments for this entry are closed at this time.