One idea for creating a brain / paper wallet is to come up with a password, then pass it through SHA256 to turn it into a proper private key. The problem here is that the password has much fewer than 256 bits (and is non-random), so it's easier to crack.
The more secure way to do it is to come up with a random 256 bit key and then to represent it in a human readable / understandable form. Even if you are storing the key in written form, it's good to have it in a human readable form as an error correction mechanism.
The problem is that anyone can create their own conversion from privkey to human words. You must now remember both a string of words and the exact method used. It would be better if there was a standard for converting privkey to words.
Luckily, there is this:
http://en.wikipedia.org/wiki/PGP_word_list

It's a standard for converting bytes to common English words. The words were chosen to be pronounced as differently from each other as possible. There is extra error detection built in with even and odd bytes encoded as different words. Read the article, it explains it better.
My proposal is to use the PGP word list as a standard for encoding privkeys. 32 words to encode a privkey. It won't work as a brain wallet. Still a good idea as a paper wallet though.
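As an added illustration (not part of the original post), here is the alternating even/odd byte-to-word mapping the proposal relies on, and how the decoder uses it to catch a dropped or transposed word. The two word lists are constructed placeholders; the real 256 "even" and 256 "odd" PGP words must be substituted to get the actual standard.

```python
import os
from typing import List

# Constructed stand-in lists (placeholders, not the real PGP words): the real
# list has 256 two-syllable "even" words and 256 three-syllable "odd" words.
EVEN_WORDS = [f"even{i:03d}" for i in range(256)]
ODD_WORDS = [f"odd{i:03d}" for i in range(256)]
EVEN_INDEX = {w: i for i, w in enumerate(EVEN_WORDS)}
ODD_INDEX = {w: i for i, w in enumerate(ODD_WORDS)}


def encode_key(key: bytes) -> List[str]:
    """Bytes at even offsets use the even list, odd offsets the odd list.
    A 32-byte private key therefore becomes exactly 32 words."""
    return [(EVEN_WORDS if i % 2 == 0 else ODD_WORDS)[b]
            for i, b in enumerate(key)]


def decode_words(words: List[str], expected_len: int = 32) -> bytes:
    """Reverse the mapping. A word from the wrong list at a given position
    means a word was dropped, duplicated or swapped, so refuse to decode
    rather than silently returning a wrong key. The length check catches a
    dropped final word, which parity alone cannot detect."""
    if len(words) != expected_len:
        raise ValueError(f"expected {expected_len} words, got {len(words)}")
    out = bytearray()
    for pos, w in enumerate(words):
        table = EVEN_INDEX if pos % 2 == 0 else ODD_INDEX
        if w not in table:
            kind = "even" if pos % 2 == 0 else "odd"
            raise ValueError(f"word {pos} ({w!r}) is not from the {kind} list")
        out.append(table[w])
    return bytes(out)


def roundtrip_ok(key: bytes) -> bool:
    return decode_words(encode_key(key)) == key


def detects_dropped_word(key: bytes) -> bool:
    """Drop one word from the middle: every later word now sits at the wrong
    parity, so decoding must fail."""
    words = encode_key(key)
    del words[5]
    try:
        decode_words(words, expected_len=len(words))
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    key = os.urandom(32)  # random 256-bit key, as the post recommends
    print(" ".join(encode_key(key)))
```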