One Article Review
| Source |  NoticeBored |
|---|---|
| Identifiant | 2148835 |
| Date de publication | 2020-08-19 19:48:48 (vue: 2021-01-06 20:37:56) |
| Titre | NBlog Aug 19 - IAAC Directors\' Guides |
| Texte |  Some time back I bumped into a handy management guide on information risk - a double-sided leaflet from the Information Assurance Advisory Council. In 2015, it inspired a security awareness briefing explaining that colourful process diagram, which has now morphed into a further 5-page briefing on Information Risk Management, soon to join the SecAware ISMS templates.Googling for the IAAC guide led me to a cluster of FREE Directors' Guides from the IAAC offering useful, relevant guidance for senior management:Why Information Risk is a Board Level Issue - is a backgrounder including this apt and succinct explanation:"Information Risk encompasses all the challenges that result from an organisation's need to control and protect its information."Governance and Structures - describes directors' governance responsibilities relating to information risk:"Directors need to put in place the arrangements and processes by which responsibilities are distributed and significant information risk decisions are to be made and reviewed."Information Risk Management Approach - encourages directors to support the remainder of the organisation in fulfilling their responsibilities for information risk, ensuring strategic alignment between risk management and business objectives.Realising the Benefits - outlines the business benefits of good information risk management in terms of: efficiency; agility; manageability; exploitation of new opportunities (more confidently expanding into new areas of business); customer retention; brand strengthening; cost-efficient compliance; and dealing efficiently with incidents."Good information risk mitigation supports organisational strategies and tactical agil |
| Envoyé | Oui |
| Condensat | hear 2015 about acknowledge actions actively actually advantage advice advisory aggregate agility agility; alignment all although any approach apt are areas arrangements aspect: assurance assurance:scenarios aug avoid awareness back backgrounder based basis become beneath benefits between beyond board both brand brief briefing briefly bumped business can case challenges change cluster colourful complex compliance compliance; compliant concern concerns confidently continuity control corporate cost council creating culture culture customer cyber deal dealing decisions describes develop diagram didn directors discusses distributed does double each efficiency; efficient efficiently elsewhere emphasise encompasses encourages engaging ensure ensuring etc ethical example expanding expectations expected explaining explanation: exploitation exploiting find five free from fulfilling further get going good googling governance grow guidance guide guided guides handling handy has have hear here how iaac idea incidents include including incomplete information informing initiatives inspired involved isms isolation issue issues its join just kinds laws leaders leaflet led legislation level liabilities like limiting made manageability; management management:why mandatory materials mention mentioning: mentions might minimum mitigated mitigation more morphed most mostly motivating must nblog need new nor normally not notice now objectives obviously of: offensive offering officers often on information only opportunities organisation organisational other out outlines overlooked page parties penalties people personal place planning policies portray position preferred principles privacy proactive procedures process processes projects promotes proportion protect put raising rather realising reckoning regs regular regulation relating relevant remainder resilience responsibilities result retention; review reviewed risk risk: risks route scratch security see senior should sided significant situation situations some soon sound staff stands strategic strategies strengthening; strong structures studies succinct sufficient support supports surface tactical take taking templates terms than the secaware them things third through time tolerance topics touching towards understanding useful uses valuable very vulnerabilities what which words would |
| Tags | Studies Guideline |
| Stories | |
| Notes | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.