Full title: The Forum’s Standard of Good Practice, March 2000: The standard for information security
Overview: This updated edition of the ESF’s highly-influential standard of practice was developed to provide ESF member organizations with a challenging but achievable benchmark against which they could measure their performance in keeping the business risk associated with IT-based information systems within acceptable limits. It covers the entire spectrum of arrangements which need to be made to control risk, based on in-depth research and the extensive knowledge and practical experience of ESF members.
Published by: European Security Forum (ESF), London.
Date published: November 2000
Status: Available to ISF Members.
Citicus role: A founder of Citicus, working for and in conjunction with the ESF management team, was the principal author of this standard.