SANS InfoSec Reading Room - ISO-17799

Most of the computer security white papers in the Reading Room have been written by students seeking GIAC certification to fulfill part of their certification requirements and are provided by SANS as a resource to benefit the security community at large. SANS attempts to ensure the accuracy of information, but papers are published "as is". Errors or inconsistencies may exist or may be introduced over time as material becomes dated. If you suspect a serious error, please contact webmaster@sans.org.

Featuring 7 papers as of May 21, 2013
PDF Using the Center for Internet Security (CIS) Benchmarks to Support an Information Security Management System
By: Robert J. Mavretich (posted on January 25, 2013)
Humans are quite a fickle bunch. We learn our daily tasks and responsibilities in varying ways and pass on that knowledge in an increasingly different world than the one we learned it in.
PDF Security Controls in Service Management
By: Katherine Warren (posted on December 20, 2010)
The Information Technology Infrastructure Library (ITIL) v3 Core describes best practices for all aspects of the service management lifecycle. The ITIL Core consists of five publications, each providing guidance on a specific phase in the service management lifecycle.
PDF Humans... The Overlooked Asset
By: Muhammad EL-Harmeel (posted on January 7, 2010)
Security Whitepaper: How humans are an important part of the Information System. Humans provide a huge source of both vulnerability and protection.
PDF Patch Management
By: Brad Ruppert (posted on January 24, 2008)
PDF Warren Inc. Contact Centre Information Security Management System
By: Katherine Warren (posted on November 8, 2007)
PDF Information Security Management System (7799) for an Internet Gateway
By: Amarottam Shrestha (posted on August 25, 2004)
The Internet presence is an important aspect of most businesses these days. An Internet gateway provides network security for businesses from the Internet. It is important that the Internet gateway is designed, implemented and operated in a secure manner.
PDF Understanding HIPAA Security Implications Of a Wireless LAN Subsystem Using the ISO/IEC 17799 ISMS Standard
By: Frederick Hawkes (posted on July 25, 2004)
This paper describes the initial development of an Information Security Management System (ISMS) that will address possible regulatory issues of using Wireless LANs in an assisted living / extended care facility (EcFac1).