Questions to Consider


Based on what you have read, consider the following questions and, as an ISSO, how you would reply to them:

  • Do you have a process in place to conduct a formal year-end analysis of your CIAPP and InfoSec functions?

  • If not, why not?

  • If so, does it include cost-benefit analyses?

  • Do you provide a "state-of-InfoSec" report of the corporate information environment at year's end?

  • If so, is it briefed to executive management?

  • Are "subreports" provided to each department head addressing specifically the status of the protection of their information environment?

  • Do you involve your InfoSec staff in the year-end reviews, analyses, and planning?

  • Do you reward your InfoSec staff for a job well done at year's end—by more than words?

  • How would you go about conducting and improving on the process described in this chapter?




The Information Systems Security Officer's Guide. Establishing and Managing an Information Protection Program
ISBN: 0750698969
EAN: 2147483647
Year: 2002
Pages: 204
