SCIPP International Aligns Generally Accepted Practices With Industry Standards

Posted on
Share on Google+Share on LinkedInShare on FacebookShare on RedditTweet about this on TwitterEmail this to someone

<strong>Vienna, Va. &mdash; May 21</strong><br />SCIPP International, a global nonprofit organization dedicated to providing world-class security awareness training and certification services, announced it has realigned its generally accepted practices (SCIPP GAP) to cover relevant end-user security awareness topics found in the International Organization for Standardizations (ISO) Standard 27001.<br /><br />ISO/IEC 27001 specifies the requirements for establishing, implementing, operating, monitoring, reviewing, maintaining and improving a documented information security management system within the context of the organization&rsquo;s overall business risks. <br /><br />The SCIPP GAP was revised to cover end-user security awareness topics found in ISO 27001 to complement existing content derived from the U.S. Department of Homeland Security&rsquo;s IT Security Essential Body of Knowledge (DHS EBK); (ISC)2&rsquo;s Certified Information Systems Security Professional (CISSP) CBK, a compendium of information security topics; and ISACA&rsquo;s Certified Information Security Manager (CISM) common body of knowledge.<br /> <br />The SCIPP GAP establishes internationally recognized best business practices by continuously updating a compendium of security-awareness topics. These topics form the framework of security awareness terms and principles and serve as the basis for development of SCIPP&rsquo;s security awareness training programs for individuals and certification programs for organizations.<br /><br />The SCIPP GAP&rsquo;s 10 practice areas are comprised of the following: incident reporting, access controls, malicious code, Internet communications, asset management, human resource security, physical and environmental security, social engineering, business continuity management and compliance.<br /><br />&ldquo;With oversight from our respected international body of advisers, the SCIPP GAP has been mapped to cover the security awareness topics found in the most respected standards and common bodies of knowledge in the security world,&rdquo; said Winn Schwartau, SCIPP International founder. &ldquo;It is a major milestone in our mission to gather the best security-awareness practices in a single repository.&rdquo;<br /><br />While the SCIPP GAP serves as the foundation for all SCIPP security-awareness courses, customers have the option of tailoring a course to meet their specific needs using the SCIPP &ldquo;Cube,&rdquo; a product customization model with six sides. Each side of the SCIPP Cube represents a different customizable variable. The six sides or variables of the SCIPP Cube are: <br /><br /><ul><li>Vertical market (e.g., financial services, health care, government, retail, education, etc.) that can be tailored to meet specific compliance needs (e.g., GLB, HIPAA, FISMA, etc.)</li><li>Course length (desired number of minutes or hours).</li><li>Target audience (e.g., end users, management, consumers, etc.).</li><li>Language (e.g., English, Spanish, etc.).</li><li>Delivery method (e.g., SCIPP hosted, customer hosted, webinar, instructor-led, etc.).</li><li>Attendees (i.e., approximate number of program participants).</li></ul>

Share on Google+Share on LinkedInShare on FacebookShare on RedditTweet about this on TwitterEmail this to someone


Posted in Archive|