Home > Risk management: Implementation of baseline controls
Learning Guide:
EMAIL THIS

Risk management: Implementation of baseline controls

30 Aug 2006 | SearchSecurity.com

Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   

Layer on baseline controls in accordance with CIA information ratings. This step ties the organization's business risks into information security controls. Many organizations are challenged with regulatory compliance and implementation of security best practices. Do not lose track of the big picture, controls are meant to insulate the business from unacceptable risk. The simple process of applying controls based upon data sensitivity and impact ratings will address most compliance concerns. Any deviation from baseline controls should require a formal exception approved by information security management and the business.


INSIDER THREAT MANAGEMENT GUIDE

  Introduction: Insider threat management
  Data organization and impact analysis
  Baseline management and control
  Implementation of baseline control
  Risk management audit
  Risk management references

Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   


RELATED CONTENT
Risk Assessment Analysis
Reports show security awareness and training are still lagging
Data threats: Insiders vs. outsiders
Managed services company finds way to automate support
RSA gets control of security, risk with Agiliance compliance solution
Database patch denial: How 'critical' are Oracle's CPUs?
Is personal Internet usage acceptable for employees in the workplace?
Windows registry forensics guide: Investigating hacker activities
Security strategy research seeks to plug weaknesses
Bank security chief explains how to avoid internal threats
Data loss prevention doesn't come in a pill

Security Policies and Awareness
Security is a people business, don't forget it
Appliance provides network access protection on school campus
How to prevent clickjacking attacks with security policy, not technology
Privacy, data protection must be built into system design, says ICO
Can policy thwart disgruntled employee data leaks?
Setting up a remote access security policy
Security policies often ignored, non-existent, survey finds
Information Commissioner turns up the heat on data breach culprits
DLP useless when companies fail to classify data
Finance sector poor at achieving outsourcing success

RELATED GLOSSARY TERMS
Terms from Whatis.com − the technology online dictionary
Financial Services Authority  (SearchSecurityUK.com)
IISP (Institute of Information Security Professionals)  (SearchSecurityUK.com)

RELATED RESOURCES
2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems
Search Bitpipe.com for the latest white papers and business webcasts
Whatis.com, the online computer dictionary


About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
SEARCH 
TechTarget provides enterprise IT professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective IT purchase decisions and managing their organizations' IT projects - with its network of technology-specific Web sites, events and magazines.

TechTarget Corporate Web Site  |  Media Kits  |  Site Map




All Rights Reserved, Copyright 2008 - 2009, TechTarget | Read our Privacy Policy 		  TechTarget - The IT Media ROI Experts