Beruflich Dokumente
Kultur Dokumente
Slide 3
Programs Goal
Security Program
Uniform in the whole enterprise. Everyone knows and abide Organization structure must be set up
each business unit must have the each business unit must have the
opportunity to approve the policies. opportunity to review and comment on the policies.
System Acces
System Devel
Asset Classification
Network Management
Sec. Organization
Reviewer CEO SVP, Marketing SVP, Dev. & Tech VP, Finance General Auditor GM, HR GM, Risk Mgmt Senior Consultant
Thursday, March 15, 12
Compliance
Personnel
Info. Sec
Physical
BCP
writing information security standards for their area of responsibility can review information security standards for their impact on their business unit assist in the implementation of approved policies and standards
Business units must provide someone who Business units have the responsibility to
Success Factor
Frequency Media
Frequency
Frequency of message delivered to staff Equal to ads, with educational message.
Additional Message:
Information security standards Information security monitoring Information security performance
measurement
Media
Composition of the media used Mix of media (video, posters, presentations,
booklets, brochures, newsletters, and giveaway item)
Meets frequently
Thursday, March 15, 12
Senior Management Information Security Management Business Unit Managers First Line Supervisor Employees Third Parties
Thursday, March 15, 12
,m./m,.
Senior Management
Have the ultimate responsibility for deciding how the organization will handle risk Responsible for:
Making sure that audit recommendations are addressed in a timely and adequate manner Participating in the activities of the ISSC Providing adequate resources Educating organotions staff Reviewing and approving policies and strategies Providing resolution for info. Sec issues
Thursday, March 15, 12