New ISACA Guide - An Introduction to the Business Model for Information Security

ISACA, in conjunction with the USC Marshall School of Business Institute for Critical Information Infrastructure Protection,has released an introductory guide, as the first document in a series planned around the Business Model for Information Security. The guide provides a starting point for discussion and future development by defining the core concepts that will help information security and business unit managers to "align security program activities with organizational goals and priorities, effectively manage risk, and increase the value of information security program activities to the enterprise." The project is the first major output from the alliance of ISACA with the Marshall School.

The Guide can be downloaded from the ISACA site.