What information standard(s) should your company follow and why

e original security evaluation standards were developed by the U.S. Department of Defense (DoD) in the early 1980s in the form of Trusted Computer systems Evaluation Criteria (TSSEC), commonly referred to as the Orange Book. Given the importance and usefulness of TCSEC, other countries such as Canada, U.K, Germany and France developed their own. Later in 1990, the European Commission harmonized the security evaluation efforts of individual countries by establishing the European equivalent of TCSEC, the Information Technology Security Evaluation Criteria (ITSEC). More recently, in 2007, in an effort to create a repository for network and information security standardization efforts in Europe for security vendors, service providers, developers, and researchers, a portal sponsored by the International Communications Union (ITU) . This portal is being updated and provides great information on standards. In this case assignments, you are required to go over the "required" readings available in background material about security standards. You are also encouraged to browse the optional material for other relevant material. When you've read the required articles and conducted additional research on the optional readings and other readings you find interesting, please compose a short (3-4 pages without counting the cover and references) paper on the topic: "What information standard(s) should your company follow and why?" Some of security standards available are ISO27002, ISO17799, Rainbow Series, TCSEC, ITSEC, Common Criteria, IETF, GMITS, GASSP, OECD, and the 800-series. Below are some questions for you to think about to help you get started: - Select an organization that you want to focus on in this assignment (it could be your own or just any company that you know about). - provide a comprehensive definition of security standards - Make sure you refer to ISO17799 (ISO17799 has been replaced by ISO27001 and 27002 but you may refer to ISO17799 since that is the one that has more material available online). - What art the most important categories or standards that you would recommend your company to follow and why? In your justification describe the type of company you are referring to. Remember, you do not have to explicitly answer these questions in your assignment. You should think about these questions and then integrate your thoughts into a well-organized answer to the primary question. Case assignment expectations: Your assignment will be graded following these expectations: - Precision: the main questions asked are answered. - Clarity: Your answers are clear and show your good understanding of the topic. - Breadth and depth: The scope covered in your paper is directly related to the questions of the assignment and the learning objectives of the module. - Critical thinking: It is important to read the “required readings” posted in the background material plus others you find relevant. Your paper should include important concepts from these readings and incorporate YOUR reactions and examples that illustrate your reflective judgment and good understanding of the concepts. - Your paper is well written and the references are properly cited and listed - Your paper meets the page requirements not counting the cover page or the references pages.