Information Security Forum Releases Tool

REDWOOD CITY, Calif. -- An innovative management diagnostic, designed to assist information security leaders in understanding how to meet business requirements and manage a security function, has been produced by the Information Security Forum (ISF)www.securityforum.org.

The new Security Management Diagnostic represents a new way of bridging the security and business divide, based on the experiences of over 160 senior security professionals from some 100 major ISF Member organisations from around the world.

By accurately comparing information security and business perspectives, the diagnostic tool rapidly highlights areas of alignment and misalignment. The results also help to ‘sell’ security within an organisation at the highest level and provide a framework to discuss and review information security strategy, resources and performance.

Currently only available to ISF Members, The Security Management Diagnostic is designed as a simple, easy-to-complete online questionnaire to create a detailed profile of the information security function, focusing on areas such as service delivery, communications and performance measurement. The two-part diagnostic also examines the information security leader’s profile from both security and business perspectives, to understand their strengths and weaknesses and how they relate and communicate with the business.

“The diagnostic makes no judgement about how security is delivered,” says Adrian Davis, Senior Research Consultant and project leader, “but rather focuses on how well security is meeting business requirements.”

Information Security Forum (ISF)