- Initial Team Training.
- Implement information security management policies and standards.
- Provide basic awareness training to staff.
- Conduct an Information Security Risk Assessment.
- Develop Findings and Recommendations.
Develop the Initial Action Plan
Develop an Initial Action Plan based on the Findings and Recommendations of the Information Security Risk Assessment.
- What’s to be done in the next 3 months?
- What’s to be done in the next 6 months?
- What’s to be done in the next 12 months?
Monthly Meetings to Work the Plan
- The ISM and Team are to meet on a monthly basis to work the plan.
- What was planned for the month?
- What was accomplished?
- What was the basis for being under/over?
- What are the plans for next month?
- What are the rolling plans for the next 3 months, 6 months and year?
Contributed by Citadel Information Group
© Copyright 2017. Citadel Information Group. All Rights Reserved.