Information Security Management Process
Purpose:
Official – align IT security with business security and ensure that the confidentiality, integrity and availability of the organization’s assets, information, data and IT services always matches the agreed needs of the business.
Unofficial – Confidentiality, Integrity & Availability of IT services and service assets.
 © Copyright 2014. All Rights Reserved. www.KnowledgeToolWorks.com
Security Management Concepts
• Security policy must address aspects of strategy, controls & regulation
• Link security strategy to business objective
• Security controls to support the information security policy
• Manage security risks
• Monitor processes to meet security
requirements
• Communications, training, &
awareness
Quick Update
  Copyright © 2018. Knowledge ToolWorks. All Rights Reserved.