8.7 Mobilizing organizational resources for priority II

 < Day Day Up > 

Action Checklist Number 8 (see Table 8.2) shows which steps IT managers in all types of organizations can take to synchronize their efforts with those of the government to achieve the goals of participating in a national threat and vulnerability reduction program. The next chapter focuses on launching a national cyberspace security awareness and training program.

Table 8.2: Action Checklist Number 8

Action Item

Status (e.g., Completed, Pending, or N/A)

Determine how IT security staff are trained and develop a program to improve training.


Determine if there are opportunities to work with local lawenforcement agencies on joint training exercises.


Determine how the organization obtains information on vulnerabilities and develop steps to obtain more timely information on vulnerabilities.


Determine if the organization actually uses information on vulnerabilities to keep security methods updated and make changes in the approach if necessary.


Determine if the technology used by the organization meets the Common Criteria standards and make plans to migrate away from technologies that do not meet the standards.


Determine if the technology-acquisition process used by the organization requires that products meet Common Criteria standards and modify procedures as necessary.


Evaluate the configuration-management processes and procedures of the organizations to determine if they provide sufficient levels of control to improve security and modify procedures as necessary.


Evaluate the process and procedures for installing patches to eliminate vulnerabilities and modify procedures as necessary.


Evaluate the physical security of computer and network facilities to determine if they meet minimum standards or customary standards for the industry sector and modify physical security procedures as necessary.


Determine if the organization wants to make recommendations for priorities in cybersecurity research.


 < Day Day Up > 

Implementing Homeland Security for Enterprise IT
Implementing Homeland Security for Enterprise IT
ISBN: 1555583121
EAN: 2147483647
Year: 2003
Pages: 248

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net