Risk management: Implementation of baseline controls

This fourth article in the Insider Threat Management Guide examines the implementation of baseline controls.

Layer on baseline controls in accordance with CIA information ratings. This step ties the organization's business risks into information security controls. Many organizations are challenged with regulatory compliance and implementation of security best practices. Do not lose track of the big picture, controls are meant to insulate the business from unacceptable risk. The simple process of applying controls based upon data sensitivity...

and impact ratings will address most compliance concerns. Any deviation from baseline controls should require a formal exception approved by information security management and the business.


INSIDER THREAT MANAGEMENT GUIDE

  Introduction: Insider threat management
  Data organization and impact analysis
  Baseline management and control
  Implementation of baseline control
  Risk management audit
  Risk management references
This was first published in August 2006

Dig deeper on Security Awareness Training and Internal Threats-Information

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close