Welcome

Understanding Information security is maintained by info sec advisor Steve Wright. Subjects covered include:

Concepts relating to Infosec management (including confidentiality, integrity, availability, vulnerability, threats, risks and countermeasures)

Current legislation and regulations which impact upon Infosec management in the UK (and USA);

Current national and international standards, frameworks and organisations which facilitate the management of Infosec (ISO27001, PCIDSS, COSO, SOX, SB1386, HIPPA, COBIT, ITIL, ISO9001);

Current business and technical environments in which Infosec management has to operate;

Categorisation, operation and effectiveness of controls of different types and characteristics;

Business benefits, ROI, justification for infosec.

News Blog

Thursday, November 13, 2008

VISA announce they are creating a consistent framework for compliance among merchants, service providers and their agent for PCI compliance

Good news, VISA are globally aligning PCI DSS compliance requirements for Service Providers and requiring a validation deadline for Level 1 merchants by September 30, 2010. This appears to be set in stone, but we all know in reality the industry might once again push back, what's your thoughts?

Monday, November 10, 2008

First Post

Welcome to understanding Information security a website maintained by info sec advisor Steve Wright. Watch this space for more information and developments.

Search this site:

PCI DSS

A Practical
Guide to
Implementation

Purchase it here