Educause Security Discussion mailing list archives
The Information Systems Security Assessment Framework (ISSAF) Draft0.1
From: Ken Shaurette <kmshaurette () MPCCORP COM>
Date: Wed, 5 Jan 2005 17:03:43 -0700
Others here may have interest in the recent release by OISSG The information in ISSAF is organized into well defined evaluation criteria, each of which has been reviewed by subject matter experts in that domain. These evaluation criteria include: * A description of the evaluation criteria. * Its aims & objectives * The pre-requisites for conducting the evaluations * The process for the evaluation * Displays the expected results * Recommended countermeasures * References to external documents A draft version of this framework is available at OISSG website at: http://www.oissg.org/issaf ISSAF should primarily be used to fulfill an organizations security assessment requirements and may additionally be used, as a reference for meeting other information security needs. It is a very well put together document. If you are conducting internal security assessment and would like a guide besides the ones that NIST has produced this is very good. Or maybe you just want another source of information. Ken ------ Ken M. Shaurette, CISSP, CISA, CISM MPC Solutions, <http://www.mpcscorp.com/> www.mpcscorp.com (P) (262) 523-3300 x60486 (F) (208) 898-2383 ------ National CyberSecurity Awareness Month - October - Awareness Doesn't End When the Day is Done! ------ ******************************************** Disclaimer: 5/1/2005 MPC Computers is providing the following information in compliance with federal regulations: MPC Computers, LLC 906 E. Karcher Road Nampa, Idaho 83687 1-888-224-4247 http://www.mpccorp.com To discontinue receiving e-mail communications from MPC in the future, please go to: http://www.mpccorp.com/email/manage.html and follow the instructions. ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/groups/.
Current thread:
- The Information Systems Security Assessment Framework (ISSAF) Draft0.1 Ken Shaurette (Jan 05)