Develop a draft standard with the consultation of SMEs and information security communities. Produce a (free) standard in a language that is easy to understand for SMB owners and they will most likely have little or no IT experience. Provide best practice documents in various areas that are applicable at the SME scale. Locate current threats and security issues applicable to SMEs. The standard has been developed by 30 members of ISSA (Information Systems Security Association) and is available for consultation and direct download (PDF) from the association's own working group page.
Source: Cavaju
