Information Security Management ResourceKit

A Public Service of SecureTheVillage

Information Security Management — Seven Critical Success Strategies

 

Information Security Success Strategies — The Critical Seven

The following seven critical success strategies are vital in implementing a successful formal risk-driven Information Security Management Program.

  1. Put someone in-charge. Establish leadership. Information Security Manager / Chief Information Security Officer.
    1. C-Suite and Board Governance
    2. Independent Perspective from CIO or Technology Director
    3. Supported by Cross-Functional Leadership Team
    4. Supported with Subject-Matter Expertise
  2. Implement formal risk-driven information security policies and standards.
  3. Identify, document and control sensitive information.
  4. Train and educate personnel. Change culture.
  5. Manage 3rd-party security.
  6. Manage IT Infrastructure from an “information security point of view” in accordance with standards at least as strong as SecureTheVillage’s Code of Basic Information Security Management Practices.
  7. Be prepared. Incident response. Business continuity planning.

Contributed by Citadel Information Group
© Copyright 2017. Citadel Information Group. All Rights Reserved.