IT Security Program Components


IT Security Program Components

  • Security Program Strategy – The means by which your security organization will achieve its overall mission.
  • Security Risk Project Portfolio – The mechanism by which your security organization approaches the prioritization and execution of its responsibilities based on risk.
  • Mission and Mandate – The goal of the security office as well as its associated level of authority to reach that goal.
  • Security Policies – The documented and ratified rules by which the security office applies security to the organization. In most methodologies, they represent the ideal security state of the organization; a benchmark from which to measure everything.
  • Training and Awareness – The strategy and tactics for educating personnel and making them aware of security concepts.
  • Role and Responsibility – The identification and definition of each position on the security office team and its individual role for providing security to the organization.

Be the first to comment

Leave a Reply

Your email address will not be published.


*


*