security management practices
1. What is benchmarking?
Creating a blueprint by looking at the paths taken by organizations similar to the one whose plan you are developing. Using this method, you follow the recommended or existing practices of a similar organization or industry-developed standards.
2. What is the standard of due care? How does it relate to due diligence?
Under the standard of due care, organizations that adopt minimum levels of security to establish a future legal defense may need to prove that they have done what any prudent organization would do in similar circumstances. Due diligence encompasses a requirement that the implemented standards continue to provide the required level of protection. Failure to establish and maintain …
Those that determine the effectiveness and/or efficiency of the delivery of information security services, whether they be managerial services such as security training, or technical services such as the installation of antivirus software. Those that assess the impact of an incident or other security event on the organization or its mission.
11. According to Dr. Kovacich, what are the critical questions to be kept in mind when developing a measurements program?
Why should these statistics be collected? What specific statistics will be collected? How will these statistics be collected? When will these statistics be collected? Who will collect these statistics? Where (at what point in the function's process) will these statistics be collected?
12. What factors are