- Trending Categories
- Data Structure
- Operating System
- MS Excel
- C Programming
- Social Studies
- Fashion Studies
- Legal Studies
- Selected Reading
- UPSC IAS Exams Notes
- Developer's Best Practices
- Questions and Answers
- Effective Resume Writing
- HR Interview Questions
- Computer Glossary
- Who is Who
What are the main Security Frameworks in information security?
In software development, a framework is a defined preserved mechanism in which another software project can be managed and developed. This definition seems to be promising as it hints that a framework provides more analyse and construction than a model.
While a model is abstract and intangible, a framework is linked to comprehensible work. Furthermore, frameworks set suppositions and practices that are designed to directly implementation. In distinction, models provide the general direction for attaining a goal or result, but without acquiring into the refuse of practice and measures.
A framework is a basic construct that describe suppositions, concepts, values, and practices, and that includes guidance for performing itself. The following approaches have been identified to provide general guidance toward attaining an outcome without going into specific detail on a single concentrated task. Each of these techniques has been defines as a framework.
Introduction to ISO 27001 − The ISO 27001 standard was available in October 2005, basically substituting the old BS7799- 2 standard. It is the concern for ISMS, an Information Security Management System. BS7799 was an extended standing standard, first available in the nineties as a program of practice. As this developed, a second area appeared to cover up administration systems. It is this beside which documentation is determined.
Its objective is to recognize the needs for establishing, implementing, operating, monitoring, reviewing, preserving and enhancing documented ISMS within the context of the organization on the entire business risks.
COBIT − The COBIT Framework provide a device for the business process owner that control the discharge of business process services. COBIT is an IT-centric framework designed to provide users, businesses, and auditors with a standard approach for designing, executing, and testing IT controls. This framework has been created and adopted by the Big N audit houses as a solution to most IT audit, compliance, and control problems.
SSE-CMM − The SSE-CMM is represented as a process reference model. It is concentrated upon the requirement for executing security in a system or sequence of connected systems that are the data.
The SSE-CMM is a framework for executing security engineering inside an organization; if possible in conjunction with other manufacturing CMMs. SSE-CMM builds on the work of deming much as other CMMs have done, concentrated on process description and improvement as concentrating on process definition and enhancement as a core value.
SSE-CMM is a complex, well-tested structure for incorporation into an engineeringoriented organization. If the organization implements engineering, like through product development, thus the use of SSE-CMM, generally in amalgamation within other CMMs, can be valuable.
- Related Articles
- What are the specific security mechanism in Information Security?
- What are the Pervasive Security Mechanisms in Information Security?
- What are the security services of Information Security?
- What are the levels of database security in information security?
- What are the techniques of database security in information security?
- What are the basics of security metrics in information security?
- What are the types of security mechanism in information security?
- What are the classification of security attacks in information security?
- What are the Information Security Attack?
- What are the challenges in information security?
- What are Botnets in information security?
- What are Steganography in information security?
- What is the importance of Security Information Management in information security?
- What is Physical Security in information security?
- What is Security Management in Information Security?