Nine Steps to a Successful Information Security Strategy


8/9/2019 Nine Steps to a Successful Information Security Strategy

http://slidepdf.com/reader/full/nine-steps-to-a-successful-information-security-strategy 1/2

Salman Akorede www.infosecurityauditcoaching.com/sq 1

NINE STEPS TO A SUCCESSFUL INFORMATION SECURITY STRATEGY

Security strategy refers to the overall plan to effectively identify and manage risks.

Why a Security Strategy?

A security strategy gives management a roadmap for handling its risks. It is a systematic approach to anticipating a risk event before it occurs and putting appropriate countermeasures in place to mitigate it.

What is Risk ?

Risk is the probability that an uncertain event occurs and has a negative impact on the business.

An information security strategy requires:

a. A definition of the organization's information security goals, so that they support its specific operational, financial, strategic and compliance objectives.

b. An evaluation of the organization's business environment to identify the internal and external risk factors that may negatively affect its business success.

c. A compilation of the organization's entire risk universe, and an analysis of it to identify the risks with the highest impact, i.e. the areas of highest risk exposure.

d. A consideration of alternative best-practice risk management approaches for the high-risk areas.

e. An evaluation of existing practices to determine the gap in control activities.

f. Implementation of benchmark controls to remediate or mitigate the risks.

g. Periodic reviews to ensure the controls remain effective.

h. Timely remediation and re-evaluation of identified control weaknesses.

i. Metrics for evaluating the continued effectiveness of control actions.

To cover the above requirements, an information security strategy must integrate all existing business practices (operational, financial, personnel, technological, strategic and statutory requirements) so that processes and results are optimized toward the organization's overall business objectives.

The following roadmap, summarized into nine phases, is a suggested guide to developing a successful information security strategy.

The Nine Steps Roadmap

1. Plan and Scope

2. Perform Risk Assessment

3. Identify Significant Accounts and Controls

4. Document Controls Design

5. Evaluate Controls Design


6. Evaluate Operational Effectiveness

7. Identify and Remediate Deficiencies

8. Document Processes and Results

9. Build Sustainability

For an information security strategy to succeed, an organization must identify, characterize, assign ownership of, analyze and continuously manage its risks to meet its specific needs on an ongoing basis.

Salman Akorede is an information risk management consultant. www.infosecurityauditcoaching.com/sq