One Article Review
| Source |  NoticeBored |
|---|---|
| Identifiant | 409087 |
| Date de publication | 2017-09-04 15:31:24 (vue: 2017-09-04 15:31:24) |
| Titre | NBlog September 4 - InfoSec 101 elevator pitch, final part |
| Texte | Moving on from our discussion of the first two paragraphs of this month's elevator pitch paper in part 1 and part 2, here's the closing paragraph:As a manager, you play a vital governance, leadership and oversight rôle. Please make the effort to engage with and support the security awareness program, discuss information risk and security with your colleagues, and help us strengthen the corporate security culture. In classical marketing terms, it's the call-to-action for people who have been lured and hooked. Having presented our case, what do we actually want them to do? Compared to the preceding two, the third paragraph is quite long. While we could easily have dropped the first sentence, it serves a purpose. It shows deference to the management audience, acknowledging their influential and powerful status, gently reminding them that they are expected to direct and oversee things. Essentially (in not so many word), it says "Pay attention! This is an obligation, one of your duties as a manager."The final sentence, including those three words in bold, was especially tricky to write for the InfoSec 101 module. What is it, exactly, that we expect senior managers to do in relation to this very broad introductory-level topic? Think about that question for a moment. There are many possible answers e.g.:Show leadershipDemonstrate commitmentSupport the Information Security Management System (in an ISO27k organization)Get actively involved in information risk and security management activities, such as risk assessment and risk treatment decisionsRaise the profile and priority of information risk and security mattersProvide adequate resources to do this stuff properly for once (!)Encourage or enforce compliance |
| Envoyé | Oui |
| Condensat | please compared i so we while 101 :show a thought about acknowledging action actively activities actually adequate along already although amount an iso27k organization another answers e are areas as: asking assessment attention audience august awareness because been behaviors being between blaise bland blog bold broad business but buy call can carefully case celle challenge classical clearer closing coherent colleagues commitmentsupport compliancein compose consider content context could couldn courte cue culture customers cyber cyberinsurance decisions decisionsraise deference deliberately delivered demonstrate departments dependent devastating if they differently difficult direct discrete discuss discussion disproportionate distinct don doubt dropped duties each easily effort elevator encourage end ended energy enforce engage enough entire especially essentially exactly exercise expanding expect expected explain explicit faire fait final first fishing focus form from gamble gently get google governance had has have having help hence here hooked hope hundred impact implicit inappropriate incidents including individual influence influential information infosec instance insurance intellectual introductory involved items job just lame leadership leadershipdemonstrate least leave leisure level like lines linking loisir long longer longue lured made make management manager managers many marketing materials mattersprovide maximum may message messages module modules moment month more moving much nblog next non not obligation obvious obviously occurred: once one only other otherwise out over oversee oversight paper paragraph paragraph:as paragraphs parce part pas pascal: passion pathetic pay people pieces pitch play plus point pointless possess possible powerful practice preceding premium prepare presented priority profile program prompted properly prove provoking purpose que question question: quite raise rather relation reminding resonate resources result rise risk rôle save say says security seed selected senior sense sentence september series serious serves settled short shorter should shows simply situation some something sown specific specify spotlight status strengthen stuff such support supporting system take taken taking terms than the corporate them things think third those thousand three time to do to do in together topic topics translates treatment tricky trying turn two understanding units unnecessary usually value various vary very vital want way what when which who why will without word words worth would write writing yet your |
| Tags | Guideline |
| Stories | |
| Notes | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.