This document discusses the development and management of an information security lifecycle based on standards. It begins by discussing the importance of information security for organizations and describes the key components of information security. It then discusses adopting a standards-based approach to security policy using the British Standard 7799 as a guideline. This involves assessing network assets and risks, designing a security policy, deploying security measures, and ongoing management and support through monitoring and education. The lifecycle approach helps ensure security is addressed systematically from the start of a project through ongoing management.