Comparison of 7 IT Security Frameworks from ISO 27001 to Octave


Many IT security frameworks are currently available for use in your company. Below is a simple comparison of them. So which one is the best, or which one is most suitable for your company?

| Framework | Definition | Description | Sponsoring Organization |
|---|---|---|---|
| ISO Family (27001, 17799, 20000) | International Standard Organization's security management standards. | A framework of standards that provides best practices for information security management | International Standards Organization |
| ITIL | IT Infrastructure Library | ITIL is a cohesive best-practices framework drawn from the public and private sectors internationally. It describes the organization of IT resources to deliver business value, and documents processes, functions, and roles in IT Service Management | Office of Government Commerce |
| COSO | Committee of Sponsoring Organizations of the Treadway Commission | Voluntary private-sector organization dedicated to improving the quality of financial reporting through business ethics, effective internal controls, and corporate governance | COSO |
| COBIT | Control Objectives for Information and related Technology | An IT governance framework and supporting toolset that allow managers to bridge the gap between control requirements, technical issues, and business risks | Information Systems Audit and Control Association (ISACA) |
| FISMA | Federal Information Security Management Act of 2002 | FISMA imposes a mandatory set of processes that must follow a combination of Federal Information Processing Standards (FIPS) documents, the special publications SP-800 series issued by NIST and other legislation pertinent to federal information systems | United States federal law enacted in 2002 as Title III of the E-Government Act of 2002 |
| OCTAVE | Operationally Critical Threat, Asset, and Vulnerability Evaluation | A risk-based strategic assessment and planning technique for security | CERT (Carnegie Mellon University) |
| CMMI | Capability Maturity Model Integration | A process improvement approach that provides organizations with the essential elements of effective processes | Software Engineering Institute (Carnegie Mellon University) |

Copyright Timothy M. Virtue PCI DSS Handbook 2008

