Category Archives: Security Standardization and Practises

ITIL support material

The following three free books are useful supporting material and worth having: An Introductory Overview of ITIL® V3; Glossary of Terms and Definitions; Acronyms.

Posted in ICT Leadership and Management, Security Standardization and Practises

HMG IA Standard No.1 – Technical Risk Assessment (2009)

Several risk assessment methods exist in addition to the related ISO standards. This one, from the UK government, also contains a worked example. It is worth a quick look. Document “HMG IA Standard No.1 – Technical Risk Assessment – …

Posted in ICT Leadership and Management, Risk Management, Security Standardization and Practises

List of PCI DSS videos

PCI DSS = Payment Card Industry Data Security Standard. These videos are from 2009 or earlier: PCI Webinar Part 1 (Oracle), PCI Webinar Part 2 (Oracle), PCI Webinar Part 3 (Oracle), PCI Webinar Part 4 (Oracle), PCI Webinar Part 5 …

Posted in Security Standardization and Practises, Security Training, Awareness and Reports

ISO 27001 “Information Security Management System” video in Swedish (from 2010)

Videos from 2010 are available on YouTube. The presentation is by Lars Söderlund, Alliansor AB, who is a teacher at the Swedish Standards Institute (SIS): part 1, part 2, part 3, part 4, part 5, part 6. Other link to SIS: Information …

Posted in ISO, Security Management, Security Standardization and Practises, Security Training, Awareness and Reports

Building Security In Maturity Model (BSIMM)

There is an interesting model for measuring software security called BSIMM. Its Software Security Framework covers 4 domains and 12 practices. Maturity is described with levels, and one can compare one's own result against the average. Main links …

Posted in Security Management, Security Standardization and Practises

ISO 27000 series of standards for Information Security

The ISO 27000 series is THE set of standards for Information Security, a must-have and a must-read for people working in the area. Good overviews and lists are available: Wikipedia ISO 27000 Series * ISO/IEC 27000 — Information security management …

Posted in ISO, Security Standardization and Practises, Telecom Security