Questions to Consider


Based on what you have read, consider the following questions and how you would reply to them:

  • Where do you think the ISSO position and InfoSec organization should report at IWC or within your company?

  • Why?

  • Have you read your company's business plans?

  • Have you integrated your InfoSec organization plans to support the successful accomplishment of the company goals?

  • If not, why not?

  • If so, how do you measure your success in that support?

  • Do you have a CIAPP?

  • Is the CIAPP current?

  • Do you have a process in place to keep it current?

  • Do you have a process in place to ensure it is working at least cost and impact to the company's business?

  • In support of the IWC vision, mission, and quality statements, what would you write as the IWC ISSO to support them or those of your company?

  • Are the statements realistic?

  • Are the statements known by your staff?

  • Are the statements useful, or do they exist only because management said to write them?

  • Are the statements one of the basic foundation pillars of the CIAPP?

  • If not, why not?




The Information Systems Security Officer's Guide. Establishing and Managing an Information Protection Program
ISBN: 0750698969
EAN: 2147483647
Year: 2002
Pages: 204
