3 hours 43 minutes
let's continue with the management objective example.
In this video, we're going to talk about a P 0. 13 with respect to policies and procedures,
culture and behavior and services, infrastructure and applications
in the policies and procedures. Component will be pinpointing the relevant policies that support the overall objective of managing information security.
The culture, ethics and behavior component will spell out desired behavior at all levels within the organization.
Let's take an example of key culture elements oven enterprises, culture, risk and behavior to support managing information security.
Some of the key culture elements include promoting a security aware culture at all levels within the organization and providing sufficient guidance and indicating who the security and privacy champions are, such as C level executives, H R and or security and privacy professionals.
Along with supporting the privacy program with and communicating the program itself along with new innovations and challenges.
Desirable behaviors are also spelled out and what is required to support the management Oven Information Security program,
a work culture that embraces security and privacy awareness and has proper guidance on how to fulfill the enterprises security programs needs, along with knowing who the security and privacy champions are, will allow for the overall support of managing security.
The last component to support the goal of managing security includes the services, infrastructure and applications needed to support this management objective.
To support this goal, third party security assessment services can pinpoint the vulnerabilities and security gaps that can be mitigated by an overarching information security management system.
I hope by now you see the difference between a management objective versus a governance objective.
Take a moment to look at the differences of how each process contributes to the school as well.
So in this video we talked about how policies and procedures, culture and behavior and services, infrastructure and applications allow for a P 0. 13 to be implemented.