ISACA, a global association of more than 115,000 IT assurance, security, and governance professionals in 180 countries, has issued a series of new guidance designed to help European companies implement cyber-security practices in line with existing European laws and good practice.

The “European Cyber-security Implementation Series” is part of ISACA’s holistic Cyber-security Nexus (CSX), a knowledge platform and professional program that provides security professionals with thought leadership, training, and certification programs. The series provides practical implementation guidance that is aligned with the European Network and Information Security Agency (ENISA), European requirements, and good practices.

Included as part of the series are three detailed white papers on European cyber-security implementation, separately addressing the following three areas:

Risk. Cyber-security risk strategies should align with the overarching enterprise risk management strategy and framework. This white paper is designed to help companies determine a manageable set of risk, based on risk scenarios that target known, emerging, and future risk factors that might arise in the context of cyber-security.

Resilience. In cyber-security, resilience is the ability to absorb internal and external impacts, and to recover to normal operations in a controlled manner. This white paper addresses resilience in cyber-security using the EU and national approaches toward the protection of critical information infrastructure.

Assurance. Enterprises need assurance over their cyber-security activities and initiatives, as part of enterprise governance, risk, and compliance. This white paper addresses cyber-security implementation to help contribute effectively to the enterprise’s protection against cyber-attacks and breaches.

“Organizations need to transform their cyber-security to keep up with advanced threats, changing regulations and good practices, and this ISACA guidance helps them do that,” Rolf von Roessing, former international vice president of ISACA, said in a statement. “European organizations will find valuable implementation guidance in these white papers.”

Also available soon as part of the series is ISACA’s European Cyber-security Audit Assurance Program. Based on ISACA’s IT Assurance Framework, this program is designed to help provide management with an assessment of the effectiveness of cyber-security and related governance, management, and assurance. The review focuses on cyber-security standards, guidelines and procedures, and aligns with ISACA’s COBIT 5 framework, a widely-used framework for the governance and management of enterprise information technology.

Topics