Information Security Program

Information Security Program

>>Login Here<<

The Information Security Program sets the tone for the company’s resources on how security practices are looked at. Developing the security program the right way can foster interoperability and streamline the organization’s daily operational workflows.

This policy applies to all information systems and applications. Every application and the systems that support it must document, implement and monitor an approved level of controls suitable for the specific application. These controls must be reviewed by the IT Steering Committee on a periodic basis to ensure they meet corporate, ethical, and legislative requirements. The controls are divided into the following areas:

  • Identify
    • Develop the organizational understanding to manage security risk to systems, assets, data, and capabilities.
  • Protect
    • Develop and implement the appropriate safeguards to ensure the delivery of critical infrastructure services.
  •  Detect
    • Develop and implement the appropriate activities to identify the occurrence of a security event.
  • Respond
    • Develop and implement the appropriate activities to take action regarding a detected security event.
  • Recover
    • Develop and implement the appropriate activities to maintain plans for resilience and to restore any capabilities or services that were impaired due to a security event.

>>Click Here To Access Your Information Security Program Template<<