CISM: Information Security Program Objectives
Jump to navigation Jump to search
|Desires Outcomes => Viable Strategy => Governance Structures => Information Security Program|
- Information Security Objectives should be defined as a tool to measure effectiveness of the program.
- MAIN project activities are control design and deployment.
- The Majority of the program development activities involves designing, testing and deploying controls that achieve the risk management objectives.
- Improvements in Program metrics
- To improve the integration of business and information security processes