Information Systems Security Assessment – Open information security framework

-Identify and assess the business dependencies on infrastructure services provided by IT

-Conduct vulnerability assessments & penetration tests to highlight system vulnerabilities that could result in potential risks to information assets

-Specify evaluation models by security domains to :

-Find mis-configurations and rectify them

-Identifying risks related to technologies and addressing them

-Identifying risks within people or business processes and addressing them

-Strengthening existing processes and technologies

-Provide best practices and procedures to support business continuity initiatives

Benefits of ISSAF

-The ISSAF is intended to comprehensively report on the implementation of existing controls to support IEC/ISO 27001:2005(BS7799), Sarbanes Oxley SOX404, CoBIT, SAS70 and COSO, thus adding value to the operational aspects of IT related business transformation programmes.

-Its primary value will derive from the fact that it provides a tested resource for security practitioners thus freeing them up from commensurate investment in commercial resources or extensive internal research to address their information security needs.

-It is designed from the ground up to evolve into a comprehensive body of knowledge for organizations seeking independence and neutrality in their security assessment efforts.

This is not but posters of information security awareness use it impress your boss, colleague , clients etc ..

download:http://www.oissg.org/custom/information-security-awareness-poster-3.html