The operations department and team are responsible for the ongoing operation and maintenance of the information systems. Their daily activities are driven and controlled by policies, standards, procedures, baselines, and guidelines. These policy documents are infused with the security intentions and controls that have been identified and implemented by legal and regulatory compliance requirements, by risk assessment and risk management, disaster recovery and business continuity, and the data classification components of the security program. Although operations is instrumental in the proper maintenance of the security of the information systems of the enterprise, its focus is usually on maintaining the availability of the ...