Cyber Programme

From Glitchdata
Jump to navigation Jump to search

Steps to establish a Cyber program include:

  • Adopt a corporate information security policy statement.


Common Docs


Baseline Programme

  • Cyber Security Baseline
    • Review Legislative requirements
    • Review and align Cyber Policies
      • PSPF, Essential 8 (E8) Compliance and Assurance
    • Review Cyber Stakeholders
    • Review Cyber Organisation Structure, Steering Committee
    • Create Cyber Governance artefacts (where needed)
    • Establish Cyber Performance Management
      • Establish Cyber Metrics
    • Review People Process, and Technology
  • Cyber Security Architecture
    • Review Cyber Architecture Design
      • Reviewing Asset List
      • Reviewing Capabilities
      • Maintain & Track Treatment Register
    • Review Cyber Strategy
    • Review Cyber Capability Roadmap
    • Cyber Technology Horizon Scan
      • Vendor/Service Provider/Stakeholder Engagement
  • Cyber Projects & Uplift
    • Business Impact Assessment/s
    • Cyber Risk Assessment/s
      • IRAP (Information Security Registered Assessors Program) assessment reviews
      • Testing
    • Review Cyber Processes
    • Cyber Change Management
    • Cyber Awareness
  • Cyber Operations
    • BCP Review
    • DRP Review
    • BC Testing
    • Security Incident Management