Chapter 22. Operations Security
Solutions in this chapter:
▪ Administrative Management
▪ Individual Accountability
▪ Operation Controls
▪ Auditing to Determine What Went Wrong
Summary
Introduction
This chapter looks at operations security. This is not the same as OPSEC (as used in within the military). JP(Joint Publication)JP 1-02 defines OPSEC as “a process of identifying critical information and subsequently analyzing friendly actions attendant to military operations and other activities to identify those actions that can be observed by adversary intelligence systems”.
Rather, organizational Operations Security is about maximizing the Confidentiality, Integrity and Availability of the systems used by the organization using a risk based approach. This ...
Get The IT Regulatory and Standards Compliance Handbook now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.