SECURITY STANDARDS & FRAMEWORKS 

When an organisation is looking to implement cyber security measures/controls to protect its information assets (electronic, documents or people) there are many different standards and frameworks to provide assistance.

In the UK, both the Cyber Essentials and the '10 steps to Cyber Security' exist to provide assistance to organisations of all sizes/sectors, with the former requiring an independent assessment prior to certification.

From an international perspective, the ISO-27001 standard and the National Institute of Science  & Technology's (NIST) Special Publication 800-53 and Cyber Security Framework, in addition to the CIS '20 Critical Security Controls' provide additional information to assist control implementation, and in the case of ISO-27001, an opportunity to be formally certified against an international information security management system standard.

© 2019 Synovum Limited