Security Process Maturity: Level 4<script type="text/javascript" src="http://www.blogger.com/static/v1/common/js/1499043574-csitaillib.js"></script> <script>if (typeof(window.attachCsiOnload) != 'undefined' && window.attachCsiOnload != null) { window.attachCsiOnload('ext

by Steven McElwee

Level four of ISM³ adds the remaining security processes in the model. This level requires the highest investment, but provides the highest level of protection against technical and internal threats. The security processes in this level are necessary if your organization operates in a highly regulated environments with information assets that are targets for attackers. Examples include stock exchanges, financial institutions, and utilities.

The operational security processes for level 4 are:

Enhanced reliability and availability management
Information archiving
Information quality and compliance probing
Events detection and analysis
Forensics

If level four fills in the remaining security processes, what's left for level five? Tomorrow's post will move us from managing security processes to measuring and continuously improving them.

Labels: Security Process

1.31.2008

Security Process Maturity: Level 4

0 Comments:

Links to this post:

Categories

Get Updates

Previous Posts