IT Governance, Risk, and Compliance

May 7 2009   11:14PM GMT

Developing Objectives – Part III

Posted by: Robert Davis
Behavioral Management
Information Asset Protection
Information Security Governance
Information Security Management
Management by Objectives
Planning Committee
Resource Allocation

A system for disseminating information security management objectives is considered fundamental to obtain employee commitment. One way to communicate entity-centric information security objectives is clear and concise policies. Information security management‘s role in policy formulation includes considering the control environment, risk assessments, information, communication, and activities. Though policies are an important means to convey expected behavior, even more critical is determining the effectiveness of adopted IT safeguarding objectives. Effectiveness evaluation requires measurement against established information security standards. Consequently, ratiocinative information security standards must be designed and implemented.

“View Part I of the Developing Objectives series here

 Comment on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: