Security – Final Thoughts

Security – Final Thoughts

  Final Thoughts Recap We’ve covered a lot of ground since this series of security articles was first posted. Here’s a reminder of the main topics we’ve explored: Information Security Management System and How to Start Framework Focus Organisation Management Asset...
Security – BCP and DRP

Security – BCP and DRP

BCP and DRP Requirements In business, when unexpected situations occur they can cause interruption or degradation of operational company functions. The best case scenario is that they cause nothing more than a minor inconvenience to an organisation. However, extreme...
Security – Human Resources

Security – Human Resources

Human Resources Requirements With people playing a major role in the implementation of security driven procedures and processes, it is critical that the management of that organisation’s human resource is aware of obligations in relation to this. Each of the different...
Security – Physical Security

Security – Physical Security

Physical Security Requirements The topic of Physical Security addresses areas of security that relate to physical building access, management of physical assets, working in secure locations and environmental controls/conditions. Essentially, measures that concern...
Security – Access Control

Security – Access Control

Access Control Requirements This topic is concerned with how access to information and information systems is managed, as distinct from the policies on who has access to information that is stored and moved within the technology environment (see earlier topic on...
Security – Asset Management

Security – Asset Management

Asset Management Requirements Assets, as they relate to information and technology facilities of an organisation, are typically identified and recorded in dedicated inventories as part of the overall technology documentation. To be effective, the register(s) should...
Security – Framework Focus

Security – Framework Focus

Security Framework Concept – The C-I-A Triad When building an Information Security Management System, there is a concept that should be followed to design the measures for protecting information stored in computer systems. This concept is known as C-I-A or...
Security – Building an ISMS

Security – Building an ISMS

Building an ISMS The previous post in this series suggested an Information Security Management System is needed to manage your security effort. So, where to from here? Building an ISMS from scratch can be a monumental challenge, but it doesn’t have to be. It is common...