欢迎来到天天文库
浏览记录
ID:7894696
大小:1016.57 KB
页数:60页
时间:2018-03-02
《aber best practices in security governance外语英文电子书》由会员上传分享,免费在线阅读,更多相关内容在教育资源-天天文库。
1、AberdeenGroupBestPracticesinSecurityPowerPackResearchSeriesSeptember2005AberdeenGroupBestPracticesinSecurityGovernanceJune2005BestPracticesinSecurity:GovernanceRecommendationsforActionAberdeenrecommendsthatorganizationstakethefollowingactionstoimproveperform-ancewhenitcomestogoverningsecuri
2、typrograms:•Gobeyondobviouspolicystatementsandimplementveryspecificstandardsfortheorganizations.•Makesurestandardscanbetranslatedintoprocesses,knowledgeanddata,andthecontrolsthatareimplementedinnetworks,infrastructureandinformation.•Placeresponsibilityforchampioningandmaintainingstandardsin
3、thecentralsecu-ritygroup.•Automatesecuritytestingauditsfortheenterpriseandwiththefirm’ssuppliers,busi-nesspartners,andsignificantcustomers.•Acceptablerisklevelsshouldbeagreedtoatabusiness-unitlevel.•Fundcorporatesecurityfromaminimumbaselineforcommoditypurchasingrequirements.•Funddivisionals
4、ecurityfromagilityandriskprofilesalongwithongoingriskas-sessments,changesinbusinessoperations,andaudittestresults.•Correlatesecurityeventsbybusinessdivisionandacrosstheorganizationforbusi-nessagilityandriskimpacts.•Implementautomatedremediationwhereverpossibletotakehumanerrorandomis-sionout
5、oftheloop.•Deliverbusinessviewsofagilityandriskintheformofsecuritydashboards.•Employpredictivesimulationstoprioritizeresourcesandenableresponsetobusinesschange.AllprintandelectronicrightsarethepropertyofAberdeenGroup©2005.AberdeenGroup•iiiBestPracticesinSecurity:GovernanceExecutiveSummaryKe
6、yBusinessValueFindingsixprimarybusinesspressuresaredrivingelectronicsecurity.ThefirstthreeareSexternalpressuresthatareintimatelylinkedtomarketperformanceandvaluation.ThelastthreeareintimatelylinkedasITsecurityandexternalauditsthatarein-creasinglyrelyingonmoresophisticatedautomationtoolstofe
7、rretoutsecurityandcom-pliancegaps.Thepressuresare:1)Agileaccesstoinformationtosupportglobaltrade;2)Leakageofcustomerandconfidentialdata;3)Financialandoperationallossesfromcompromisedanddisruptedbusinessoperations;4)Sharpenedregulatoryoversightandincreasi
此文档下载收益归作者所有