FOLLOW UP – Follow-up and improvement of information security work and its management
Monitoring, measurement and target follow-up provide data supporting evaluation if information security is appropriately designed, has the intended effect, and that security measures exist and work satisfactorily. The result of the evaluation is based, inter alia, on internal audit, management review and as input value for Identifying and Analyzing for the next term in the systematic information security work.
We review the systematic information security work of the business and its management to ensure its continued suitability, adequacy and impact.
Decisions may apply; improvements in information security, changes in the way in which information security is managed and how it is described in policies and guidelines for information security and decision making on resource allocation. The decisions together provide management’s focus on the continued systematic information security work.
ANALYZE
The analyzes ensure that security is designed in a clearly defined zero state
CREATE
Definition of strategic security goals and description of roles in safety work
USE
Implementation and application of defined action plans and control documents
FOLLOW-UP
Follow-up of previously decided initiatives is based on initial value for the next assignment
NASECO AB
STOCKHOLM
SVERIGE
info@naseco.se
NASECO AB är en konsultfirma med specialistområden är inom IT-säkerhet, IT-ledarskap, koordinering och governance
