CREATE – leads to strategic information security goals
-
As a whole, this step should lead to strategic information security goals and description of roles in security work (organization).
The Information Security Policy is an overall Steering Document that will express the management’s intention of focusing on information security.
Security measures should be expressed in Control documents, some of which may be linked to specific classes in an interoperability class.
ANALYZE
The analyzes ensure that security is designed in a clearly defined zero state
CREATE
Definition of strategic security goals and description of roles in safety work
USE
Implementation and application of defined action plans and control documents
FOLLOW-UP
Follow-up of previously decided initiatives is based on initial value for the next assignment
NASECO AB
STOCKHOLM
SVERIGE
info@naseco.se
NASECO AB är en konsultfirma med specialistområden är inom IT-säkerhet, IT-ledarskap, koordinering och governance
