I recently came across an interesting article explaining the concept of ISO 17799/27001 being a control vs. a standard. This …
Tag: Policy
Roles & Responsibilities in Policy
Risk assessments almost always produce one finding consistently: a lack of defined roles and responsibilities. The ISO 17799/27001 …
New Links Page – Policy and Standards
I never seem to have all my links where I need them. Either they are on a work computer …
Writing Effective Policies Part I
How do you write an effective policy that actually works? A coworker and I recently published a whitepaper. The goal …