Here is an update to this topic.
ISSA releases SME data security standard guidance
14 March 2012
The Information Systems Security Association (ISSA) has released the first in a series of guidance documents to accompany a new information security standard for small and medium-sized enterprises (SMEs).
The new standard, ISSA 5173, is designed to encourage SMEs to take steps to secure their customer and employee data and raise awareness of legislation that applies to them regarding data security.