NEW GAME! What do you have copied RIGHT NOW!
APPENDIX- A
INITIAL INFORMATION SECURITY ASSESSMENT
Describe how your organization addresses each issue in your information security plan. If your plan documents specifically address an issue, you may simply cite the section or reference number in lieu of a detailed response. Please feel free to respond using another format; however, we request that you use the reference numbers for each section to aid our review of your response.
CONCEPT CATEGORY CONCEPT DESCRIPTIONS RESPONSE
1 Program Planning and Management A program exists that encompasses security and privacy issues and is adequately maintained.
1.1 Obtain senior management and board approval, commitment, and direction
1.2 Formally appoint a central point of contact for security and privacy coordination
1.3 Strategically plan, monitor, and maintain security and privacy program
1.4 Establish and document security and privacy roles and responsibilities
1.5 Incorporate requirements and involvement of businesses into program
1.6 Establish program metrics
1.7 Ensure appropriate budget and resources are allocated to the program
2 Security & Privacy Policy and Practice Management A viable and comprehensive privacy program addresses all elements of information privacy compliance & preparedness.
2.1 Develop and implement enterprise policies, standards, and guidelines