CHAPTER 9 SECURITY MANAGEMENT PRACTICES - Coggle Diagram
Introduction to Security Practices
Organizations strive to deliver the most value with a given level of investment; this is known as the "value proposition"
The development & use of sound & repeatable information security (InfoSec) management practices brings organizations closer to meeting this objective
Security Employment Practices
Hiring
Job Descriptions
Interviews
Background Checks
Contracts & Employment
Security expectations in the Performance Evaluation
Termination issues
Personnel Security Practices
Security of Personnel & Personnel Data
Temporary workers
Contract employees
Consultants
Business Partners
Information Security
Performance Measurement
Performance Measures in InfoSec Management
InfoSec Performance Management
Building the Performance Measurement Program
Specifying InfoSec Measurement
Collecting InfoSec Measurement
Measurement Development Approach
Measurement Prioritization & Selection
Establishing Performance Targets
InfoSec Performance Measurement Implementation
NIST InfoSec Performance Measurement Implementation
Reporting InfoSec Performance Measurement
Benchmarking
Benchmarking can be an internal tool for comparing current performance against past performance and looking for trends of improvement or areas that need additional work.
2 categories of benchmarks: standards of due care & due diligence, and recommended practices / best security practices