OAK CREEK, Wis., April 20 /PRNewswire/ -- The Information Systems Security Association (ISSA) today announced support for the initiative taken by the Corporate Governance Task Force to create a public-private partnership framework for improved information security. The Task Force, which was launched at the National Cyber Security Summit in December 2003 in partnership with the U.S. Department of Homeland Security, issued a report last week entitled "Information Security Governance: A Call to Action." Key to the report's recommendations was to treat information security as a corporate governance issue to assure a measure of involvement from senior executives and board members.

ISSA, which leads a number of initiatives to promote security education and awareness worldwide, was represented on the Corporate Governance Task Force by Dave Cullinane, President, and Michael Rasmussen, VP of Standards and Public Policy.

"This report should be reviewed by information security executives and professional groups like the Global CSO Council and the ISSA's CISO Executive Forum before it is adopted by the DHS," said Cullinane. "A vetting period will help assure that the report fully reflects the issues faced by those responsible for corporate security, and it will expand on the great efforts of the Corporate Governance Task Force to set this project in motion."

Information security executives are typically required to comply with a number of regulations such as HIPAA, GLBA, and Sarbanes-Oxley. ISSA works with professionals and industry groups to offer guidance that makes these tasks more manageable from a business perspective. In addition to ISSA, top security vendors including RSA Security and Entrust (the CEOs of which co-chaired the Task Force), as well as key industry groups such as TechNet (which served as the secretariat), have shown significant leadership in the Corporate Governance Task Force.
"We hope that the work and commitment demonstrated by the Department of Homeland Security and this Task Force drives increased participation in information security at all levels of business," said Rasmussen. "There is still additional work to be done to create a framework of guidance with global buy-in from top to bottom, but the Corporate Governance Task Force has developed an important high-level governance framework that can be implemented by organizations of many sizes across various sectors. ISSA's initiative to create Generally Accepted Information Security Principles complements the efforts of this Task Force, and we encourage other organizations, corporations and end-users to get involved in these initiatives going forward."

The Generally Accepted Information Security Principles (GAISP) offers a comprehensive hierarchy of guidance for a globally consistent, practical framework for information security. Addressing information security principles at the executive, management, field and technical levels, the GAISP integrates existing industry standards and best practices into a single point of reference.

About the ISSA

With active participation from individuals and chapters all over the world, the Information Systems Security Association (ISSA)(R) is the largest international, not-for-profit association specifically for security professionals. It provides educational forums, publications and peer interaction opportunities that enhance knowledge, skill and professional growth. Members include practitioners at all levels of the security field in a broad range of industries, such as communications, education, healthcare, manufacturing, financial and government. The ISSA international board consists of some of the most influential people in information security, and association membership exceeds 10,000 in nearly 100 different countries.
With an international communications network developed throughout the industry, the ISSA is focused on maintaining its position as The Global Voice of Information Security.