The first one is a very accurate representation of ISO 27001. It is but only a single framework. However, it is an internationally recognized one. The main thing about ISO 27001 is that the standard doesn't tell you how to implement your controls. It only audits your actions against your stated policies.
On Thu, Sep 5, 2013 at 7:05 PM, marck e. <[email protected]> wrote:
> Our new CIO has asked us for our information security management framework.
> No endless security risks matrix, just the big picture preferably with
> nice pictures.
> I'm having a hard time finding a picture of ISO 27001 that talks
> thousands of words.
>
> What I've found so far doesn't convince me, here they are some picks:
>
> http://www.wtc-india.com/images/informatiaonsecurity2.jpg
>
> http://aset.azdoa.gov/sites/default/files/media/pics/EA%20Target%20Security%20Architecture.gif
>
> Any help? Any other information security framework picture?
>
> thanks
>
> Marck
>
> _______________________________________________
> Pauldotcom mailing list
> [email protected]
> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> Main Web Site: http://pauldotcom.com

--
Jon Molesa
[email protected]

Aoccdrnig to rscheearch at an Elingsh uinervtisy, it deosn't mttaer in waht oredr the ltteers in a wrod are, the olny iprmoetnt tihng is taht the frist and lsat ltteer are in the rghit pclae. The rset can be a toatl mses and you can sitll raed it wouthit a porbelm. Tihs is bcuseae we do not raed ervey lteter by it slef but the wrod as a wlohe and the biran fguiers it out aynawy.

... so please excuse me for every typo in the email above.

Reference: https://github.com/Ettercap/ettercap/blob/master/README
