

Security Governance & Compliance

Content Leader: Ismael Valenzuela - Last Updated: December 29, 2006

General information

Security is more than a technology issue. Addressing and implementing information security properly requires a clear understanding of business processes, business requirements, risks and risk-management alternatives. Security Governance and Compliance services therefore place special emphasis on providing an enterprise-wide approach to managing the process of protecting corporate information and information systems in accordance with standards, laws, regulations and business requirements.

That approach is based on a three-step process:

  1. A security assessment to identify the current exposure to security risks.
  2. An in-depth gap analysis to measure the existing security posture against industry standards, best practices and regulatory compliance.
  3. An implementation plan to effectively mitigate risks and provide a foundation for a corporate-wide security framework.


  • Articles, Papers & Presentations
  • Security Strategy
  • Risk Management
  • Policy Development
  • Business Continuity Planning
  • Coming soon...
  • Standards: ISO 27001:2005, HIPAA, SOX, Basel II
  • Best practices: ISO 17799, ISO 18043, ITIL, COBIT
  • Data Protection
  • Coming soon...
  • Benchmarking and Balanced Score Card
  • Coming soon...
  • Books
  • Security Awareness
  • ISMS, ISO 17799 and ISO 27001:2005
  • Internet Links
  • ISMS, ISO 27001:2005 and other ISO publications
  • Compliance
  • Mailing Lists
  • Online Magazines

Copyright © 2000-2008 Jessland - Jess Garcia's Website - All rights reserved.