In principle-based ICTD project management, a project succeeds or fails by the integrity of its conception, design, launch, acquisition, implementation and closure. That integrity is indicated by the kind of questions raised during meetings and by the back-channel storytelling that tells about:
- Clarity
- Coherence
- Consistency
- Capability
- Controllability
- Continuity
- Community
The first three basic activities in securing the information of the enterprise:
- Definition of Information Asset
- Assessment of Risks
- Identification of Control
- Implementation of Mitigation
Acceptable standards on principle, process and content are necessary knowledge shared among the people whose interest is the protection, safety and privacy of enterprise information.
Basic tools to communicate that a project is a GO:
- Project Readiness Assessment Matrix
- Project Roles Accountability, Responsibility, Expertise and Work Matrix
- Project Risks Valuation Matrix
- Project Requirement Traceability Worksheet
- Project Work, Budget and Procurement Plan
- Project Monitoring and Control Checkpoint
If these tools are not made available and used, you will surely find project execution meetings loaded with questions of clarification and reaction.
In information security management, first things first means risk assessment.
Risk is the threat that something important or critical to success is lost, compromised or fails.
Risk assessment pays attention to the identification and analysis of threats multiplied by vulnerabilities, and to impact mitigation, which lessens, prevents or changes the bad condition.
The real work of enterprise information security risk assessment covers the following:
- Definition of Risks: List of information assets to protect and the associated threats and vulnerability
- Analysis of Risks: Rating and acceptance of consequent impact and the likelihood of incidents
- Identification of Risks Control: List of treatments to prevent and resolve the risks
- Implementation of Risks Mitigation: Action plan to execute risks control objectives
Effective risk assessment begins with acceptable standards of knowledge on principle, process and content, shared among the people whose interest is the protection, safety and privacy of enterprise information.
The simple and communicable matrix of information security assessment contains:
- List of enterprise information assets that have influence on security
- Associated risk owners and asset stakeholders
- Threats and vulnerability linked to assets
- Accepted impact and likelihood of both threat and vulnerability
- Control objectives and actions to plan