Infosec Strategic, Tactical, and Annual Plans


Once the ISSO has been briefed on the above LOE and projects, the results will be mapped against the InfoSec Strategic, Tactical, and Annual Plans. The LOE and project results could be identified as some of the specific building blocks of each of the plans.

The InfoSec Annual Plan's goals should have been accomplished. If so, the ISSO then identifies the links between the successful accomplishment of those goals with the IWC Annual Business Plan and the IWC and InfoSec Strategic and Tactical Plans as appropriate.

If a direct link between the accomplishments of the InfoSec staff and the goals of the plan cannot be shown, the ISSO must question why the specific projects or LOE identified were ever done in the first place. There may be a very valid reason; however, this should always be questioned, as any resource allocations which cannot be directly linked back to accomplishment of stated goals are probably misallocations. They are an added cost burden on the InfoSec budget as well as an additional overhead cost to IWC.




The Information Systems Security Officer's Guide. Establishing and Managing an Information Protection Program
The Information Systems Security Officers Guide: Establishing and Managing an Information Protection Program
ISBN: 0750698969
EAN: 2147483647
Year: 2002
Pages: 204

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net