User:Ahout

Standardized Information Gathering (SIG)

Standardized Information Gathering (SIG) questionnaire: Developed by Shared Assessments Program members to address the control areas covered in ISO 27002:2005 and leverage the BITS IT Service Providers Expectations Matrix and, the SIG is a set of closed ended questions used to establish a profile on each of the control areas listed in the SIG. When used as a standalone document, the completed questionnaire allows service providers to present information to their clients on the security controls in place.