
Differences and Similarities between Existing Security Standards - Essay Example

Summary
The paper "Differences and Similarities between Existing Security Standards" states that security consultants are offering excellent support for the better assessment of corporate security needs and specify the most excellent security solutions for corporate information security management…

Extract of sample "Differences and Similarities between Existing Security Standards"

PAPER 1

Information security plays a significant role in protecting the valuable assets of a corporation. No single method can assure one hundred percent safety and security of data, so there is a critical need for a set of standards or principles to help make sure that a sufficient level of safety is achieved, resources are utilized effectively, and the best security practices are implemented. As noted above, information security is essential for protecting the data and assets of a business. Businesses therefore need to be fully prepared to devote additional resources to protecting data and information assets, and information security has to be a top concern for both governments and businesses (Government of the HKSAR, 2008).

The ISO (International Organization for Standardization) has been offering directions and guidelines for customers, businesses, trade officials, governments and developing nations since its establishment in 1947. All that knowledge goes into the building of new standards and the development and enhancement of existing information security standards. ISO 9000, the quality management standard, is still probably the most recognizable ISO standard to American businesses because of its influence in the United States throughout the late 1980s and early 1990s. However, numerous leading security standards have emerged with the passage of time.
For instance, the whole 27000 series is intended to cover numerous areas of information security as well as risk management (JBwGroup, 2009; Government of the HKSAR, 2008):

  • ISO 27000 – Information Security methods, basics and vocabulary
  • ISO 27001 – Information Security Management System Requirements (available: 10/2005)
  • ISO 27002 – Code of Practice (available: 06/2005)
  • ISO 27003 – Planned ISMS Implementation
  • ISO 27004 – Guidelines for Information Security Management Metrics and Measurement
  • ISO 27005 – Guide for Risk Management (available: 06/2008)
  • ISO 27006 – Worldwide Accreditation Requirements (available: 03/2007)

Business corporations that have adopted an ISMS and attained independent third-party certification of their information security plans have gained a number of strategic benefits (JBwGroup, 2009; Government of the HKSAR, 2008). From the information security standards listed above, I have chosen ISO/IEC 27001. ISO 27001, or ISO/IEC 27001:2005, is typically referred to as the best-practice specification that helps businesses and corporations throughout the globe build a best-in-class information security management system (ISMS). This standard was published jointly by the ISO (International Organization for Standardization) and the International Electrotechnical Commission (IEC). The British standard BS7799-2 was the predecessor of ISO 27001 (IT Governance Ltd., 2011; WikiBooks, 2009; Arnason & Willett, 2008; ISO, 2011; Praxiom Research Group Limited, 2011).

In this information-technology-based age, information and information systems are very important for businesses. Keeping this fact in mind, ISO 27001 establishes specific requirements which have to be followed, and organizations' information security management systems are audited and certified against those requirements.
In addition, ISO 27001 is intended to harmonize with ISO 14001:2004, ISO 9001:2008, ISO 20000 and various other security standards established for efficient management system integration. The ISO 27001 standard thus allows organizations to build a structure for complying with many regulatory standards. Additionally, all United Kingdom businesses have to obey the following standards (IT Governance Ltd., 2011; WikiBooks, 2009; Arnason & Willett, 2008; ISO, 2011; Praxiom Research Group Limited, 2011):

  • Data Protection Act 1998
  • Telecommunications Regulations Act 1998
  • The Human Rights Act 1998
  • Computer Misuse Act 1990
  • The Copyright, Designs and Patent Act 1998
  • The Regulation of Investigatory Powers Act 2000
  • The Freedom of Information Act 2000 (UK public sector)

Thus, ISO 27000 is the best choice for better corporate business management (IT Governance Ltd., 2011; WikiBooks, 2009; Arnason & Willett, 2008; ISO, 2011; Praxiom Research Group Limited, 2011).

PAPER 2

This paper presents a detailed analysis of three consulting firms that offer security auditing services. For this purpose I have selected the websites given below:

  • http://www.mavensecurity.com/
  • http://www.questconsultants.com.pk/iso27001.html
  • http://www.niiconsulting.com/

Name of the tool / Brief description of the program and what it claims to do / Specific business needs being addressed by program and value delivered by it / Your reasons why you decided to check it out (first impression) / Your overall evaluation of it, to the degree that you can judge; is it something you'd use? Why? (Please comment also on the effectiveness of the demo itself)

Information Security Management Tool
http://www.mavensecurity.com/

The first company is Maven Security Consulting, which offers security assessment and training services (Maven Security Consulting, Inc., 2011).
Maven Security Consultants have expertise in helping companies of almost all types and sizes recognize and mitigate their risks (Maven Security Consulting, Inc., 2011). Maven's experience and customer focus shine throughout all the stages of an engagement, from the application procedure to the reporting and mitigation stages (Maven Security Consulting, Inc., 2011). Maven Security Consultants offer a great deal of effective security management facilities that are highly applicable. Here we can ensure the effective capability and security of our corporation.

http://www.questconsultants.com.pk/iso27001.html

The second firm which I have chosen is Quest Consultants. It offers services for all the available standards established in the globe. These standards exist for information security management, quality management, environmental management, food safety management, health & safety standards, software management and garment & apparel business standards. In addition, Quest Consultants' clients comprise both public and private sector businesses. Additionally, Quest Consultants has established panels of professionals to deal with the security-related issues of other firms (QUEST CONSULTANTS, 2011).

http://www.niiconsulting.com/

The third firm that I have chosen is NII Consulting. It is a dedicated and well-recognized supplier of services, solutions and products in the information governance, compliance and risk management space (NII Consulting, 2011). In addition, NII Consulting professionals have been successful in establishing a mark for themselves with extremely satisfied clients throughout the world, supported by corporate offices in India and the Middle East (NII Consulting, 2011). As an ISO 27001-certified firm, the company is strongly positioned to recognize client requirements and deliver the right answers to their compliance needs (NII Consulting, 2011).
Moreover, NII Consulting has succeeded in being honored at many national and international forums and conferences (NII Consulting, 2011).

Summary and conclusions from a user and organizational level

From the analysis of the websites given above, I came to know that information security has turned out to be a vital need for every corporation. Every business and organization desires to establish superior security and efficiency standards.

Cumulative learning

Security consultants offer excellent support for the better assessment of corporate security needs and specify the best security solutions for corporate information security management. In this way, organizations can improve their efficiency.

References

Arnason, S. T., & Willett, K. D. (2008). Introduction to International Standards Organization Security Standards. Retrieved November 27, 2011, from http://www.infosectoday.com/Articles/27001.htm

Government of the HKSAR. (2008, February). An Overview of Information Security Standards. Retrieved November 28, 2011, from http://www.infosec.gov.hk/english/technical/files/overview.pdf

ISO. (2011). ISO/IEC security standards. Retrieved November 25, 2011, from http://www.iso.org/iso/iss_international-security-standards.htm

IT Governance Ltd. (2011). ISO 27001 & Information Security. Retrieved November 26, 2011, from http://www.itgovernance.co.uk/iso27001.aspx#Free

JBwGroup. (2009, April). Evolution of an International Information Security Standard. Retrieved November 27, 2011, from http://www.jbwgroup.com/documents/JBWGroup-EU-InfoSecHistoryV2-N2.0.pdf

Maven Security Consulting, Inc. (2011). Security Consulting. Retrieved November 27, 2011, from http://www.mavensecurity.com/

NII Consulting. (2011). NII Consulting. Retrieved November 26, 2011, from www.niiconsulting.com

Praxiom Research Group Limited. (2011). ISO IEC 27002 2005. Retrieved November 26, 2011, from http://www.praxiom.com/iso-17799-2005.htm

QUEST CONSULTANTS. (2011). Quest Consultants. Retrieved November 14, 2011, from http://www.questconsultants.com.pk/clients.html

WikiBooks. (2009). Security Architecture and Design/Print Version. Retrieved November 25, 2011, from http://en.wikibooks.org/wiki/Security_Architecture_and_Design/Print_Version