The role of the information security manager has evolved over the past few years from an essentially IT-focused position to a business/IT hybrid. At the same time, numerous security standards, codes of practice, methodologies, etc., have been developed and published, all with the purpose of providing some level of direction or support for security objectives.
The purpose of this technical study is to provide the Certified Information Security Manager (CISM) holder with a guide to the better-known and more widely available information security documents. In all, more than 17 standards and guidance documents were evaluated against a number of criteria, enabling information security managers to identify those that may be most appropriate for improving their own skills and knowledge or for use within their own organization.
The full study includes insights learned from a global survey of CISMs.