Developing an Information Security and Risk Management Strategy


Click here to download now

Source: Interop
Date: August 2010
Type: White Paper
Rating: (0)

Overview: Learn how to develop a multi-phased information security and risk management (ISRM) strategy from John P. Pironti, CISA,CISM, CGEIT, CISSP, ISSAP, ISSMP, president of IP Architects LLC and security conference track chair at Interop. an ISRM provides a road map for information and information infrastructure protection with goals and objectives that ensure capabilities provided are aligned to business goals and the organizationís risk profile. Traditionally, ISRM has been treated as an IT function and included in an organizationís IT strategic planning. As ISRM has evolved into a more critical element of business support activities, it now requires its own independent strategy to ensure its ability to appropriately support business goals and to mature and evolve effectively. A multiphased approach to developing an ISRM strategy is often most effective and provides recognizable results and value to an organization. The five phases discussed: 1) Business Awareness, 2) Strategy Definition, 3) Strategy Development, 4) Metrics And Benchmarking and 5) Implementation And Operation

Not what you're looking for? Search again
Go Advanced »
More From the Security Administration Section

View All Categories

Business Intelligence : Analytics, Business Process Management, Content management, Dashboards, Data Mining, Data Quality, Databases, Datamarts/Data Warehouses, Information Management, Knowledge Management, Performance Management

Development : Architecture & Design, C/C++, Database, Development Tools, Embedded Systems, High Performance Computing, Java, Mobility, Security, Web Development, Windows/.NET, Open Source

Government : Cloud/SaaS, Enterprise Applications, Enterprise Architecture, Federal, Information Management, Leadership, Mobile & Wireless, Policy & Regulation, Security, State & Local

Hardware : Blades, Data centers, Desktops/PCs, Grid/Cluster Computing, Handhelds/PDAs, Macintosh, Peripherals, Processors, Supercomputers, Unix/Linux servers, Utility/On-demand Computing, Virtualization Hardware, Windows Servers

Healthcare : Policy & Regulation, Leadership, Security & Privacy, Mobile & Wireless, Electronic medical records, Clinical information systems, Administration systems, Interoperability, The Patient

Infrastructure : ATM, Ethernet/Gigabit Ethernet, Frame relay, IPv6, Traffic Management, Network/Systems Management, PBXs, Printers, Remote Access, Routers, Switches, UPS, VPNs, WAN Optimization/Acceleration, Wide Area File Services

Internet : B2B, B2C, Browsers, E-Business/E-Commerce, E-retail, Google, Internet Policy, Internet Security, Search, Social Networks, Traffic Reporting/Monitoring, Web 2.0, Web Development, Social Business

Management : Career Development, Executive Insights/Interviews, H-1B, Legal, Outsourcing, Personnel Management, Recruiting, Regulation/Compliance, ROI/TCO, Salary/Compensation, Small-Medium Business, Training, Workplace Trends

Mobility : 3G Wireless/Broadband, 802.11x, Fixed Mobile Convergence, Mobile Business, Mobile Messaging, Muni Wireless, RFID, Smartphones, Wi-Fi VOIP, Wi-Fi/WiMax, Wireless Security, WLAN

Personal Tech : Blackberry, Bluetooth, Bluray, Digital Cameras, Digital Music, Digital Rights Management, Global Positioning Systems, iPhone, iPod, Peripherals, Smartphones, TVs/Home Theater, Virtual worlds

Security : Antivirus, Application Security, Attacks/Breaches, Cyberterror, Encryption, End user/Client Security, Intrusion Prevention, NAC, Perimeter Security, Privacy, Security Administration, Storage Security, Vulnerabilities and Threats

Services : Business Process Outsourcing, Business Services, Disaster Recovery, Hosted Applications, Hosted Storage, Internet/Data Services, Outsourcing, Software as a Service, Systems Integration, Telecom/Voice Services

Software : Integration, Application Optimization, Business Systems Management, CRM, Database Applications, Databases, Development Tools, ERP, Hosted Software/Applications, Linux, Open Source, Operating Systems, Productivity Applications, Server Virtualization, Service Oriented Architecture, Web Services

Storage : Data protection, Disaster Recovery, Removable/Portable Storage, Security, Storage Fabrics, Storage Systems, Virtualization

Telecom : VOIP, Unified Communications, Voice services, PBXs, Call Centers, Presence, Collaboration Systems, Business, Regulation, Internet policy

Windows/Microsoft : Applications, Internet Explorer, Microsoft Company News, Office Suite, Open Source, Operating system, Security


More Security Resources

DDoS Mitigation And DNS Availability Should Be Key Components Of Your Resiliency Strategy
DDoS attacks continue to grow in size, frequency and complexity, forcing network-dependent companies to implement a plan for protection. However, the results of a recent ......

More On Security