Acuity users can view, control and manage their compliance in real- time against the leading ISF Standard of Good Practice
21 May 2009: The Information Security Forum (ISF) has signed an Intellectual Property (IP) licensing agreement with Acuity Risk Management, to integrate the ISF Standard of Good Practice for Information Security (the Standard) into Acuity’s STREAM risk and compliance management software.
As a result of the agreement, any users of STREAM will be able to view, control and manage their compliance in real time against the Standard as well as against other international standards such as ISO 27002 and Cobit.
With over 20 years experience and a global membership of 300 major companies and public sector bodies, the ISF is recognised as the world’s leading independent authority on information security. To date, the ISF has invested over US$100million in developing advanced information risk methodologies and benchmarking tools and has produced more than 400 authoritative reports that are free to its Members.
The agreement with Acuity marks a significant move to make ISF intellectual property more readily available. “We believe that integrating ISF IP into industry leading products such as Acuity’s STREAM will provide a range of important benefits to both ISF Members and non-Members and increase adoption of the ISF Standard of Good Practice,” said Prof. Howard A. Schmidt, President and CEO of the ISF.
Commenting on the agreement, Acuity’s Managing Director, Simon Marvell said: “For the first time, CISOs will have access to the ISF’s information security standard delivered through a tool they can use every day and in real-time to see their enterprise’s risk and compliance position. This is the start of an exceptionally important relationship for Acuity and we are excited about working with the Information Security Forum and its Member organisations.”
The Standard is based upon the results of an extensive work programme and the analysis and integration of other information security-related standards such as ISO 27002 and COBIT v4.1. It also embraces legal and regulatory requirements including the Sarbanes-Oxley Act 2002, Payment Card Industry (PCI) Data Security Standard, Basel II 1998, and the EU Directive on Data Protection.
Updates of the Standard draw on input from ISF Members through workshops, meetings and also the results of the ISF’s Benchmark Service.
The Standard provides key objectives and a clear overview of practical measures and activities needed to keep information risks under control across key sections: security management, critical business applications, computer installations, networks, systems development to end user environment. It covers the full scope of information security including important areas ranging from outsourcing, privacy, compliance and information risk analysis, to wireless communications, portable storage devices and critical desktop applications such as spreadsheets.
“By working with ISF IP Licensees such as Acuity, we believe that we can truly harness the full power of ISF Standards, Methodologies and Tools, which are widely recognised to be the best in the world,” said Howard Schmidt.
He added: “The move to commercialise ISF IP reflects a major milestone in the development of our organisation and is one of the new foundations that will provide a strong platform for the ongoing international expansion and influence of the ISF.”
About the Information Security Forum (ISF)
Founded in 1989, the Information Security Forum (ISF) is the world’s leading independent, not-for-profit authority on information security. By harnessing its world-renowned expertise and the collective knowledge and experience of 300 Members – including many of the Fortune 100 companies – the ISF delivers practical guidance and solutions to overcome wide-ranging security challenges impacting business information today.
The ISF provides a range of products and services to its Members, which include – workshops, regional networking events, on-line webcasts, special interest groups and an Annual World Congress. In addition to creating a library of over 400 authoritative reports, the ISF has also developed advanced information risk methodologies and benchmarking tools.
To find out more about the ISF, please visit: www.securityforum.org
To find out more about the ISF Standard of Good Practice, please visit www.isfsecuritystandard.com
About Acuity
Acuity Risk Management provides professional services and software solutions to help organisations gain better visibility of their true risk position, their compliance with control standards and their performance against key indicators.
Major corporations and Government departments use Acuity’s solutions to provide senior executives with the critical management information they need to provide effective oversight and governance in areas such as information security, business continuity, health & safety, environmental and enterprise risk management.
You can find out more about Acuity at www.acuityrm.com
For ISF press information, contact:
Peter Rennison / Allie Andrews, PRPR, Tel: + 44 (0)1442 245030, email: pr {at} prpr.co(.)uk or allie {at} prpr.co(.)uk
For Acuity press information, contact:
Jonathan Otter, Sales & Marketing Director, Acuity Risk Management
Tel: +44 (0)7879 473298, email: jonathan.otter {at} acuityrm(.)com
|
TechWhack on Facebook
|
