資源描述:
《aber best practices in security governance外語英文電子書》由會員上傳分享,免費(fèi)在線閱讀��,更多相關(guān)內(nèi)容在教育資源-天天文庫�����。
1�、AberdeenGroupBestPracticesinSecurityPowerPackResearchSeriesSeptember2005AberdeenGroupBestPracticesinSecurityGovernanceJune2005BestPracticesinSecurity:GovernanceRecommendationsforActionAberdeenrecommendsthatorganizationstakethefollowingactionstoimproveperform-ancewhenitcomestogoverningsecuri
2����、typrograms:?Gobeyondobviouspolicystatementsandimplementveryspecificstandardsfortheorganizations.?Makesurestandardscanbetranslatedintoprocesses,knowledgeanddata,andthecontrolsthatareimplementedinnetworks,infrastructureandinformation.?Placeresponsibilityforchampioningandmaintainingstandardsin
3、thecentralsecu-ritygroup.?Automatesecuritytestingauditsfortheenterpriseandwiththefirm’ssuppliers,busi-nesspartners,andsignificantcustomers.?Acceptablerisklevelsshouldbeagreedtoatabusiness-unitlevel.?Fundcorporatesecurityfromaminimumbaselineforcommoditypurchasingrequirements.?Funddivisionals
4�����、ecurityfromagilityandriskprofilesalongwithongoingriskas-sessments,changesinbusinessoperations,andaudittestresults.?Correlatesecurityeventsbybusinessdivisionandacrosstheorganizationforbusi-nessagilityandriskimpacts.?Implementautomatedremediationwhereverpossibletotakehumanerrorandomis-sionout
5、oftheloop.?Deliverbusinessviewsofagilityandriskintheformofsecuritydashboards.?Employpredictivesimulationstoprioritizeresourcesandenableresponsetobusinesschange.AllprintandelectronicrightsarethepropertyofAberdeenGroup?2005.AberdeenGroup?iiiBestPracticesinSecurity:GovernanceExecutiveSummaryKe
6��、yBusinessValueFindingsixprimarybusinesspressuresaredrivingelectronicsecurity.ThefirstthreeareSexternalpressuresthatareintimatelylinkedtomarketperformanceandvaluation.ThelastthreeareintimatelylinkedasITsecurityandexternalauditsthatarein-creasinglyrelyingonmoresophisticatedautomationtoolstofe
7���、rretoutsecurityandcom-pliancegaps.Thepressuresare:1)Agileaccesstoinformationtosupportglobaltrade;2)Leakageofcustomerandconfidentialdata;3)Financialandoperationallossesfromcompromisedanddisruptedbusinessoperations;4)Sharpenedregulatoryoversightandincreasi
