Security Awareness

  

Company Description (Tech Lopes)

Tech Lopes delivers expert level IT support. We handle both software and hardware issues, as well as general maintenance and IT consultation. We have IT experts ready to provide assistance and results on data recovery, hardware repair, virus removal, and general IT support. We work with all brands of computers, smartphones and tablets in relation to both hardware and software.

Mission: 

Our mission is to provide fast, expert level IT Support and educate our customers on simple IT solutions.

Vision:

Our vision is to become the most reliable IT Support Company for consumers, and small businesses. 

QUESTIONS;

Create an Information Security Strategy Plan. Use the following outline. For each section use the heading provided and address each bulleted point.

IS Mission Statement

· Explain why you are creating this plan and what the security department hopes to achieve for the business by its implementation.

Introduction 

· Explain how this document will set priorities for the entire organization and provide standards and guidelines for reducing risk associated with computing environments.

Governance

· Explain what Information Technology roles your organization has (CIO, CISO, CISSO, etc.) and their descriptions and responsibilities. Who is leading the efforts outlined in this plan?

Strategic Objectives

· Outline strategic objectives that define where your organization needs to be to effectively manage security risks to its information assets such as:

o Data Loss Prevention

o Risk Management

o Crisis and Security Incident Management

Key Initiatives

· Expound upon programs that can be implemented to meet your strategic objectives. Include a description of each, and explain what objectives the program enables as well as its key benefits.

· Example: Initiative 1 – Information Security Awareness Training 

o Enables Objectives – Data loss prevention, improved security of system and network services, proactive risk management and crisis and security incident management 

Description – Make available information security awareness training, which serves to inform employees of their responsibilities for protecting the information in their care. To further engage the user community, the security office will work to develop a variety of information-sharing forums to include electronic and live mediums. 

o Key Benefits 

§ Better awareness of security threats and their impact on information assets 

§ Fewer security incidents 

§ Common knowledge for all staff

Tags: No tags