Search in ISMS Guides


Thursday, August 2, 2007

Step 4: Implement security practices

by Change Tech Solutions Inc. | Oct 8, 2003

At this phase, implement the security measures defined in the preceding step. You can do this in stages to make it easier for everybody to adapt to the new working environment. Expect many problems at the start, especially with respect to user resistance to their security tasks, such as using passwords. Staged implementation can be performed:
  • By department, starting with the most sensitive assets. The natural first choice would be the IT department.
  • By business function or activity, starting with those that depend on (or create) the most sensitive assets. You might begin with all business planning activities, followed by marketing, human resources, etc.
  • By location, especially if prioritized sensitive assets are mostly physical. This approach is easiest to implement. However, its effectiveness is doubtful for information assets residing in networked computer systems. You might start with the IT data center, then gradually widen the secured area to encompass the entire business facility.
  • By people, starting with key members of the organization.

Back To Implement Security Management With These Six Steps

No comments: