Business Continuity Management
At its simplest, Business Continuity Management ensures that critical business processes and resources remain available (or can be rapidly restored) so that the organization continues to achieve its critical objectives.
A logical subset of Business Continuity is Information Continuity (also known as Disaster Recovery), which is focused on ensuring that critical Information Technology resources are available. Our Business/Information Technology Continuity Practices are based on the leading standards, including ISO-27031, ISO-22301, and NIST 800-34.
Payment Card Industry
The Payment Card Industry Data Security Standard (PCI DSS) is an information security standard for organizations that handle cardholder information for the major debit and credit cards. It was intended to increase controls around cardholder data to reduce credit card fraud. Validation of compliance is done annually — by an external Qualified Security Assessor (QSA) for organizations handling large volumes of transactions, or by Self-Assessment Questionnaire (SAQ) for companies handling smaller volumes.
The specialized nature of information systems (IS) auditing, and the skills necessary to perform such audits, require standards that apply specifically to IS auditing. From this recognition came the development of the COBIT Auditing Framework by the Information Systems Audit and Control Association (ISACA). ISACA is an education foundation dedicated to the large-scale research efforts necessary to expand the knowledge and value of the IT governance and control field.
ISO 27001 is an Information Security Management System (ISMS) standard promulgated by the International Organization for Standardization (ISO). It is a formal specification for an ISMS in that it mandates a particular set of controls that need to be in place. Therefore, organizations that claim to have adopted 27001 can be formally audited and certified compliant with the standard. It is this ability to certify the operation of an ISMS that makes 27001 unique and makes it ideal to be used as a form of independent attestation to the design and operation of an Information Security program.
Identifies 75 existing standards that are likely to be applicable to the development of the Smart Grid. NIST’s mission is to promote U.S. innovation and industrial competitiveness by advancing measurement science, standards, and technology in ways that enhance economic security and improve our quality of life.