information risk的影响因素

UPDATED VERSION JANUARY 2005

Download free of charge

The Standard of Good Practice for Information Security is designed to help any organisation, irrespective of market sector, size or structure, keep the business risks associated with its information systems within acceptable limits. It is a major tool in improving the quality and efficiency of security controls applied by an organisation.

The Standard is based on over 16 years and US $75 million of investment in practical research and draws on the knowledge and experiences of the Information Security Forum's global members as well as building on other standards such as ISO 17799 and COBIT.

The Standard has been produced by the Information Security Forum (ISF), an international association of over 270 of the world's leading organisations which fund and co-operate in the development of a practical research programme in information security and best practices in IT security and info