Thursday, January 31, 2008

The 2007 ISO 27001 Benchmark Study

Research from Wolcott Group, "The 2007 ISO 27001 Benchmark Study," shows that many organizations have significant gaps in how they manage information security. While most organizations have mature or developing controls for information security, many still have immature processes for key issues like security policy training, access control, asset management, business continuity, IT compliance auditing, and more.

Highlights of Immature Controls and Processes:

  • 57% have immature processes for classifying the value of their information assets
  • 56% have immature employee training programs on information security policies and procedures
  • 47% have an immature approach to managing information security
  • 45% have immature business continuity processes
  • 36% have immature IT compliance auditing processes

Interested parties can visit Download The 2007 ISO 27001 Benchmark Study to register to download a complimentary copy of the benchmark study.

No comments: