Business security plan - Security Plan Outline

Business security plan

Security Plan Outline

 

ISSC 498

American Military University

 

The success of a business depends as much on its productivity as its reputation – both that cannot be guaranteed if the data, infrastructure and or resource of the business cannot be made safe from threats both natural and man-made. From the smallest business to giant corporations, preserving assets is one of the cornerstones of ensuring the longevity of the enterprise. Long gone are the days where Information Technology professional were thought of to be simply confined to an office and only interreacted with the rest of a company when a resource or asset is to be troubleshooted. In the same light, as much as it has become clear over the year that an effective security plan is the one who does not demise the active involvement of any employer of the concerned business. A good security plan suited for the specific needs of an enterprise is the very first step in ensuring an excellent reputation and productivity.

I- Introduction

II- Risk Assessment

A- Asset inventory

1- Physical assets

2- People Asset

3- Information Asset

B- Assess threats

1- Insider threats

2- External threats

3- Natural threats

III- Risk Management

A- Avoidance

B- Remediation

C- Mitigation

IV- Security Controls

A- Access Control

B- Operational Control

C- Technical Control

 

V- Planning & Implementation

A- Information and Initial Training of employees

B- Higher Management Involvement

C- Routine testing and adjustment of plan

VI- Conclusion