By Phil Muncaster
28 Jan 2009
IT certifications organisation the Information Systems Audit and Control
Association (ISACA) today launched a guide designed to provide IT
security chiefs with an independent framework to help manage their
information security more effectively.
An Introduction to the Business Model for Information Security explains
the new business model, which is independent of any particular
The framework can be applied across all industries, countries and
regulatory/legal systems, and covers information security, privacy,
risk, physical security and compliance issues, according to ISACA. It
includes advice on aligning IT security programme activities with
organisational goals and priorities, and increasing the value of
security activities to the enterprise.
"This is ISACA's first step in transforming the theoretical model into a
practical tool that can be used by information security practitioners to
unify security initiatives with the business mission," said Kent
Anderson, a member of ISACA's Security Management Committee.
Best Selling Security Books & More!