Procedures for a new area.

We are a company with experience in remote network administration, and we have now opened a new area: the area of security. Now I need to start making new procedures, like when a new customer comes to us and asks if we can handle the security for his network... I need to know if someone can recommend some standard like ISO, COBIT or something like this in order to make new procedures, questionnaires and all those things. Thanks a lot!
ASKED: May 23, 2007  10:13 PM
UPDATED: May 28, 2008  4:05 AM

Answer Wiki


It depends on the level of detail required and the audience for the policy. ISO will provide in-depth administration and technical criteria related to a policy, i.e., it provides details from start to finish on what the purpose of the policy is, its scope, and the tools used to monitor that the policy is in effect.

COBIT will provide more generic IT information on controls and what you can use to monitor those controls, i.e., what an auditor or IT administrator requires in order to assess that the control is working.
SAS70ExPERT@gmail.com

Recently we had a new managed IDC for a customer, and we are already TL9000 certified.
Now, for the IDC, we are in the process for ISO 27001.

The objective of the standard itself is to “provide a model for establishing, implementing, operating, monitoring, reviewing, maintaining, and improving an Information Security Management System.”

————————
Check into the NIST Computer Security Resource Center (http://csrc.nist.gov/) and its publications. There is a wealth of information here for your use and implementation assistance.
