Compliance

Burton Catalyst 2010 - San Diego

Attended Burton (now acquired by Gartner) Catalyst 2010 in San Diego, an excellent forum to get up to speed on what is happening in the technology world in terms of standards and trends.

Paradigm shifts:
* Pushing core to the outside
* How SAAS, HIAS, PAAS have provided capabilities to the industry in terms of scalability. Users pay only for what they need.
* Stop wasting platform resources by leveraging virtualization
* Changing views on how Identities should be managed
* Writing applications that are cloud aware and are able to co-exist on a platform

ISO27001/27002 References

Some References for ISO

Cobit 4.1 Summary

HIGH LEVEL CONTROL OBJECTIVES

Plan and Organize

PCI DSS Updates

Some important items worth noting:

PCI DSS

PCI DSS is a standard that protects credit cardholder information. The goal of this program is to render the credit card data useless after it has been processed by the merchant.
The PCI DSS is a multifaceted security standard that includes requirements for security management, policies, procedures, network architecture, software design and other critical protective measures.
For more information you can access the following URLs: