3 INFORMATION SECURITY FRAMEWORK

The purpose of establishing an information security framework is to ensure that appropriate control mechanisms are in place to manage information assurance effectively across the enterprise.

This chapter covers the basic principles for establishing such a framework within an organisation and looks at the general area of information security management. In particular, it considers the role and appropriate use of policy, standards and procedures, information assurance governance and security incident management, and their appropriate implementation.

ORGANISATION AND RESPONSIBILITIES

LEARNING OUTCOMES

The aim of this section is to provide you with the basic knowledge needed to understand the principles ...

Get Information Security Management Principles, 3rd Edition now with the O’Reilly learning platform.