Search in ISMS Guides


Thursday, August 2, 2007

Step 3: Define security practices

by Change Tech Solutions Inc. | Oct 8, 2003

Define in detail the following key areas of security management:
  • Asset classification practices: Guidelines for specifying security levels as discussed above
  • Risk assessment and acceptance: As above
  • Asset ownership: Assignment of roles for handling sensitive assets
  • Asset handling responsibilities: The tasks and procedures to be followed by the entities handling the asset, as identified above
  • Policies regarding mishandling of security assets
  • How security violations are reported and responded to
  • Security awareness practices: Education programs and labeling of assets
  • Security audits: Unannounced checks of security measures put in place to find out whether they are functioning
Back To Implement Security Management With These Six Steps

No comments: