The IT Law Wiki

Advisory standards

32,062pages on
this wiki
Add New Page
Add New Page Talk0

Definition Edit

Advisory standards are standards that

are meant to be interpreted and applied to all types and sizes of organization according to the particular information security risks they face. In practice, this flexibility gives users a lot of latitude to adopt the information security controls that make sense to them, but makes it unsuitable for the relatively straightforward compliance testing implicit in most formal certification schemes.[1]

References Edit

  1. Cloud Security Standards: What to Expect & What to Negotiate, at 4.

Also on Fandom

Random Wiki