CISM: Information Security Program Objectives

From Glitchdata
Jump to navigation Jump to search
Desires Outcomes => Viable Strategy => Governance Structures => Information Security Program

  • Information Security Objectives should be defined as a tool to measure effectiveness of the program.
  • MAIN project activities are control design and deployment.
    • The Majority of the program development activities involves designing, testing and deploying controls that achieve the risk management objectives.
  • Improvements in Program metrics
  • To improve the integration of business and information security processes