SANS InfoSec Reading Room - ISO-17799

<<Reading Room Home
Most of the computer security white papers in the Reading Room have been written by students seeking GIAC certification to fulfill part of their certification requirements and are provided by SANS as a resource to benefit the security community at large. SANS attempts to ensure the accuracy of information, but papers are published "as is". Errors or inconsistencies may exist or may be introduced over time as material becomes dated. If you suspect a serious error, please contact webmaster@sans.org.

ForeScout_GSN

Featuring 7 papers as of May 21, 2013
PDF Using the Center for Internet Security (CIS) Benchmarks to Support an Information Security Management System
By: Robert J. Mavretich (posted on January 25, 2013)
Humans are quite a fickle bunch. We learn our daily tasks and responsibilities in varying ways and pass on that knowledge in an increasingly different world than the one we learned it in.
PDF Security Controls in Service Management
By: Katherine Warren (posted on December 20, 2010)
The Information Technology Infrastructure Library (ITIL) v3 Core describes best practices for all aspects of the service management lifecycle. The ITIL Core consists of five publications, each providing guidance on a specific phase in the service management lifecycle.
PDF Humans... The Overlooked Asset
By: Muhammad EL-Harmeel (posted on January 7, 2010)
Security Whitepaper: How humans are an important part of the Information System. Humans provide a huge source of both vulnerability and protection.
PDF Patch Management
By: Brad Ruppert (posted on January 24, 2008)
PDF Warren Inc. Contact Centre Information Security Management System
By: Katherine Warren (posted on November 8, 2007)
PDF Information Security Management System (7799) for an Internet Gateway
By: Amarottam Shrestha (posted on August 25, 2004)
The Internet presence is an important aspect most businesses these days. An Internet gateway provides network security for businesses from the Internet. It is important that the Internet gateway is designed, implemented and operated in a secure manner.
PDF Understanding HIPAA Security Implications Of a Wireless LAN Subsystem Using the ISO/IEC 17799 ISMS Standard
By: Frederick Hawkes (posted on July 25, 2004)
This paper describes the initial development of an Information Security Management System (ISMS) that will address possible regulatory issues of using Wireless LANs in an assisted living / extended care facility (EcFac1).
SANS Reading Room

The instructor changed the way I, a network engineer, thought about questions.
-Mike Dye, PTG

Community SANS Training

Latest Whitepapers

Event Monitoring and Incident Response
By Ryan Boyle

Dead Linux Machines Do Tell Tales
By James Fung

Setting Up a Database Security Logging and Monitoring Program
By Jim Horwath

Latest Tweets

DFIR Webcast starts in 75 minutes - 50 Shades of Hidden - Di [...]
May 17, 2013 - 3:46 PM

New blog post by @yorikv on pen test tips for file analysis. [...]
May 16, 2013 - 5:07 PM

New Blog Post: SANS EU #DFIR Summit in Prague - Call for Spe [...]
May 16, 2013 - 12:33 AM

Contact Us

(301) 654-SANS (7267)
Mon-Fri 9am - 8pm EST/EDT
info@sans.org

"As a security professional, this info is foundational to do a competent job, let alone be successful."
- Michael Foster, Providence Health & Security

"Because of the use of real-world examples it's easier to apply what you learn."
- Danny Hill, Friedkin Companies, Inc.

"Expertise of the trainer is impressive, real life situations explained, very good manuals. Best training ever!"
- Jerry Robles de Medina, Godo CU