EnterpriseSecurity
SecurityProNews
ITmanagement







Setting Up A Security Plan For Your Enterpirse

By Craig Borysowich
Expert Author
Article Date: 2009-03-20

A plan to ensure the security of the organization's assets.

Contents

Organization and Administration

· Security Procedures

Include such things as references to the security policy, the procedures for each organizational area, the access procedures, emergency procedures and contacts.

Technical

· Security Goals

An overview of the level of security to be achieved and the priorities for protection. Include the cost exposure matrix.

· Security Architecture

The architecture specifies the products, tools, and techniques used within the technical architecture to provide security. This may be a reference to the System Blueprint.

· Security Operations

Describes the details of any procedures required to effect the security. This part of the deliverable must be secure since it contains sensitive material.

Size and Format

Describe the procedures in one or two pages each. Use diagrams to document the architecture and highlight any critical features in one or two paragraphs. Describe the operations as concisely as possible, five to ten pages.

ACTIVITY - MAINTAIN SYSTEMS MANAGEMENT ENVIRONMENT SECURITY

To ensure that the systems management environment is protected from threats. A security plan for an organization involves much more than technical security (i.e., the computer security). It also involves personnel, business processes, and physical security.

Designing and maintaining a security strategy for an organization's assets can be expressed simply in five steps:

· Identify what to protect.

· Identify threats to the asset to be protected.

· Determine the likelihood of the threat.

· Identify measures to protect the asset against the threat.

· Test and revise the strategy.

Comments
About the Author:
Craig Borysowich has over 18 years of Technology Consulting experience with both public and private sector clients, including ten years in Project Leadership roles. His extensive background in working with large scale, high-profile systems integration and development projects that span throughout a customer’s organization allows him to help consulting organizations world-wide to deliver better quality projects more consistently.

Newsletter Archive | Submit Article | Advertising Information | About Us | Contact

EnterpriseSecurityNews is an iEntry, Inc.® publication © All Rights Reserved Privacy Policy and Legal