Information Security Success Strategies — The Critical Seven
The following seven critical success strategies are vital in implementing a successful formal risk-driven Information Security Management Program.
- Put someone in-charge. Establish leadership. Information Security Manager / Chief Information Security Officer.
- C-Suite and Board Governance
- Independent Perspective from CIO or Technology Director
- Supported by Cross-Functional Leadership Team
- Supported with Subject-Matter Expertise
- Implement formal risk-driven information security policies and standards.
- Identify, document and control sensitive information.
- Train and educate personnel. Change culture.
- Manage 3rd-party security.
- Manage IT Infrastructure from an “information security point of view” in accordance with standards at least as strong as SecureTheVillage’s Code of Basic Information Security Management Practices.
- Be prepared. Incident response. Business continuity planning.
Contributed by Citadel Information Group
© Copyright 2017. Citadel Information Group. All Rights Reserved.