Information security frameworks

Information security
IT Decision Frameworks
Security protocols
Would you give me guide lines on developement steps and initial requirements of information security fraemeworks?

Answer Wiki

Thanks. We'll let you know when a new response is added.


I would first recommend that you itemize and classify all “types” of Data and Information. For example:

– Internal Databases
– External Databases
– Data Feeds Into the Enterprise (i.e. from External Data Sources)
– Data Feeds Leaving the Enterprise (i.e. to External Data Targets)
– Laptop Storage
– Desktop Storage
– Server Storage
– Mainframe Storage
– Internet Data
– Extranet Data
– Intranet Data
– Marketing/Communications Data & Information
– Support/Service Data & Information
– Etc.

The list can be long. However, starting with the list will help you go after each line item, individually, and show measured progress as you develop a plan and set of policies for each.

I hope this helps.


Discuss This Question: 3  Replies

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.
  • Subhendu Sen
    There are several ways that you can take steps for information security framework. Like identify an information security framework /standard that will be the basis of the security program. Or perform a security audit/identify risk levels and establish a priority for developing policies, procedures, and controls.You can look here for a good info:
    141,200 pointsBadges:
  • Kevin Beaver
    An important first step is to answer the question: What am I trying to accomplish? Security frameworks mean nothing without an end goal (or goals) in mind. Let us know more and we can steer you in the right direction.
    27,520 pointsBadges:
  • Jaideep Khanduja
    Information not only talks about digital information but the physical information too. Hence the three spectra that you need to take care of while creating your policies must include - all critical data in devices (databases, emails etc.), all information on paper/files/physical, and all key personnel in the organization having critical business information.
    19,565 pointsBadges:

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

Thanks! We'll email you when relevant content is added and updated.


Share this item with your network: