NIST Special Publication 800-100 "Information Security Manual: A Guide for Managers" is a 174-page draft released in June 2006 for public comment. It refers throughout to [US Government] agencies but in fact is broadly applicable, containing sound guidance on important areas such as information security governance, investment and metrics, planning, contingency, C&A, incident management and, of course, awareness training and education. It's a good-un, well worth a serious look.
More infosec laws, regulations and standards
No comments:
Post a Comment