Information Technology Reference
In-Depth Information
holistic view and address every detail in the context of the whole. The core reason
for the existence of the organization is not to be more secure; rather, being more
secure increases the likelihood that the organization will fulfill the core reasons for
its existence.
he IA 2 F presents various views and phases of identifying risk and addressing
that risk. The IA 2 P demonstrates how to apply the IA 2 F in a business situation.
The IA architect uses the frameworks along with the IA 2 F in a living, ever-evolv-
ing risk management process that establishes an IA baseline from which continual
review and improvement proceed.
The ISO 9000 quality management standard uses a cycle of plan-do-check-act
that roughly equates to idea conception, architect, and engineer (plan); implement,
test, and deploy (do); verify accuracy and effectiveness by monitoring and review-
ing operations (check); and maintain and improve according to emerging business
needs and risks (act). To increase the effectiveness of your security management
program, institute this or a similar quality management framework as an overarch-
ing guide to the effective application of IA 2 as an enterprise risk management tool.
Search WWH ::




Custom Search