5.5 Essential Elements of an Information Security Program

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
or

Already have an account? Sign In »

Course
Time
6 hours 30 minutes
Difficulty
Advanced
CEU/CPE
7
Video Transcription
00:00
Okay. Now, some elements of the security program
00:04
well planned.
00:06
I s strategy. It's the execution. So we had this strategy, this vision,
00:12
putting it into work,
00:13
aligned with business goals. Surely that's the first time you've heard me say that. All class, right, alignment with the business. Which is exactly why the chief operating officer is a good sponsor for this program.
00:27
Our management stakeholders have to be involved. So, like I said, it's not just the chief operating officer sitting down and writing out some policy, right? This is a project, and it's a major project. So we have to make sure that we have a cross functional team that's involved. We asses ums will be
00:46
influencing.
00:47
We may be the project manager, but it's certainly just not on our shoulders alone.
00:53
And when we put controls in place when we change the game, you know, so to speak. When we implement, um, new administrative policies, we have to know if it works. Was this a good decision? Do I need to modify it?
01:08
You can't determine if it works till you define what working means, and we do that through metrics will establish metrics well before the program is implemented and we'll lay out our goals and what it means for each of these controls to meet their objectives. Okay, that's again nothing new.
01:27
So Ah, this slide, you've heard it. You've seen it. But, man, let me tell you this. If you see those saying my ideas who over and over and over again, as I know you do
01:41
in this course, that's really got a stress to you, The essential nature of what I Sacha is preaching with this exam.
01:49
And I will tell you I think that they're just some principles that if you absorb and if you go back every time
01:57
the business cost benefit analysis, risk analysis or not even risk analysis risk management. Starting with valuing your assets, senior management buy in. And I think you'll be okay on this test. If you could answer every question with those in mind
Up Next