Outcomes of Information Security Program Management

Effective information security program management should achieve the outcomes defined in ISG. The necessary goals must be defined in specific, objective and measurable terms. Appropriate metrics should also be put in place to measure whether or not the goals were achieved. If not, it should be known by how much the objectives were missed, and discussion done to improve on performance.

Candidates should focus on the following six outcomes, and they should be considered as the basis for developing the objectives of an effective information security program:

Strategic alignment: The emphasis here is on organizational information risk, selection of appropriate control objectives and standards, agreement on acceptable risk and risk tolerance and definitions of financial, operational and other constraints.

Risk management: Candidates must show a comprehensive understanding of threats the organization faces, its vulnerabilities and risk profile. Candidates must know how to evaluate the potential impacts of threats that materialize, and know approaches involved in reducing risks to an acceptable level.

Also read : 3 domains of information security

Comments

Post a Comment

Popular posts from this blog

What Is an ERP Server?

Enterprise Resource Planning (ERP) software is business software that assists with the management of internal and external resources. An ERP server is a system dedicated to hosting ERP applications and data. The first ERP server was developed in 1972, when five German IBM engineers started the company SAP. ERP grew out of MRP, or Materials Requirement Planning, when the need for a leaner solution overtook the bulky, administration intensive system. Over the next two decades, a number of large players emerged in the field: Oracle, J.D. Edwards, Microsoft and Peoplesoft. Application ERP servers are used to integrate disparate applications and streamline management of business systems. Many areas of business activity, such as manufacturing, supply chain management, human resources, decision support, and distribution, can be tied together with ERP. An ERP server connects existing systems and presents them through clients on workstations, laptops and mobile devices throughout the ente
Read more

How to Wake on LAN With Ping

To remotely boot a computer on a network, you'll need a "Wake-On-LAN" supported network adapter. Once the adapter is installed, the computer can be "pinged" from another computer on the network to initiate the boot sequence. A ping is a signal sent from one computer to another and can be sent directly from the Command Prompt in Windows. Step 1 Open the "Start" menu on the computer that will be pinged, then type "CMD" into the Search box and press "Enter." Step 2 Type "ipconfig/all" then press "Enter." Make note of the following items: Physical address, IP address and subnet mask. Step 3 Open the Command Prompt on the computer from which you will be sending the wake-on-LAN command. Type "ping" followed by the computer that you will be sending the wake-on-LAN command's IP address. For example, if the IP address is "192.168.1.1," type "ping 192.168.1.1" and press the "
Read more

How do I configure LAN autodisconnect?

As with RAS its possible to configure a timeout for LAN connections after which idle time the connection will be closed, if you then try and use it the connection will be reconnected, this will be invisible to you but you will experience a slight delay By default this is 15 minutes however it can be changed by directly editing the registry: Start the registry editor (regedit.exe) Move to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters Double click autodisconnect Set to decimal and set the number of minutes (from -1 to 4294967295) Click OK Close the registry editor Reboot the machine You can also configure from the command line but registry is preferred as it does not interfere with any of the built-in tuning Net Config Server /autodisconnect:60 would disconnect after 60 minutes. Valid is from -1 to 65535. To turn off the disconnect set to -1 (registry or net config command), DON'T set to 0 as it will autodisconnect all the time!
Read more