Attached is a white paper released by Microsoft discussing its Information Security management System and its alignment with ISO 27001.As you may all know eFortresses was the firm that was called in to build the ISMS for the GFS (Global Foundation Services) that was eventually certified to ISO 27001.This white paper clearly spells out the direction Microsoft is going and the importance of ISO 27001 in the industry. It is also a great business case that you can use in your organizations if you have not already made that decision or if you are still reviewing your options in regards to securing your environment. If you are already implementing ISO 27001, this is another data point that shows you are going in the right direction.
pdf
Whitepaper - 27K Shared Assessment
Outake: This document is intended to assist members of the Financial Institution Shared Assessments Program and others in using the Agreed Upon Procedures and understanding how they relate to industry regulations, as well as to deepen their understanding of the program. This document is provided by BITS, The Santa Fe Group and BSI "as is" and any express or implied warranties are disclaimed.
ISO/IEC 27001: The future of infosec certification
Abstract: ISO/IEC certification allows organizations to build an effective Information Security Programme that addresses current and future regulatory compliance requirements in a sustainable and cost-effective fashion. To access the full document click on the link above.
Combining Information Technology Standards to Strengthen Network Security
Abstract: The recent wave of high-profile security breaches has indicated to a number of corporations that they need to have a Statement on Auditing Standards (SAS) No. 70 audit and/or an International Organization for Standardization (ISO) certification to strengthen network security.
