TOPIC 1 : INTRODUCTION TO SECURITY MANAGEMENT


1. best practice information security

1.1. security policies

1.2. end user acceptable use guidelines

1.3. vendor management

1.4. physical security

1.5. password requirements and guidelines

1.6. wireless networking

1.7. employee awareness training

2. organization principle

2.1. logical division of work

2.2. clear lines of authority & responsibility

2.3. unity of command

2.4. responsibility, authority & accountability

2.5. span of control

3. education and awareness in the organization

3.1. The Risk of Poor Information Security Management

3.1.1. Without policies and security-management controls in place, the organization is really saying that anything goes. That opens the organization to a host of risks, both internal and external

3.1.2. example:

3.1.2.1. internal threat

3.1.2.1.1. leakage of sensitive data

3.1.2.1.2. theft

3.1.2.1.3. legal liability

3.1.2.1.4. corruption of data

3.1.3. external threat

3.1.3.1. natural disasters

3.1.3.2. spyware

3.1.3.3. viruses

3.1.3.4. worms

3.1.3.5. Trojan programs

4. how to improve your information security

4.1. support cyber security staff

4.2. conduct annual staff awareness training

4.3. prioritize risk assessment

4.4. regularly review policies and procedures

4.5. assess and improve

5. information security management

5.1. security management in an organization

5.2. information security management

5.3. best practice information security

6. Information security management (ISM)

6.1. Confidentiality

6.2. asset

6.3. threat

6.4. vulnerability

7. education awareness objective

7.1. To provide appropriate awareness and training on information security to help protect organization IT resources, including data, network and services.

7.2. Educates employees about the risk and benefits of security policies.

7.3. Gives information about risk, techniques of prevention, etc.

7.4. Deals with problems like viruses, threats, spyware, intruders and hacking attempts

8. education awareness

8.1. management awareness

8.2. technology trap

8.3. awareness of end user