Define in detail the following key areas of security management:
- Asset classification practices: Guidelines for specifying security levels as discussed above
- Risk assessment and acceptance: As above
- Asset ownership: Assignment of roles for handling sensitive assets
- Asset handling responsibilities: The tasks and procedures to be followed by the entities handling the asset, as identified above
- Policies regarding mishandling of security assets
- How security violations are reported and responded to
- Security awareness practices: Education programs and labeling of assets
- Security audits: Unannounced checks of security measures put in place to find out whether they are functioning
No comments:
Post a Comment