Security Administration and Operations
The foregoing chapters of this book have focused heavily on the strategic and tactical aspects of managing an enterprise information security programme. In this final chapter the emphasis is wholly upon the day-to-day operations that keep that programme moving forward.
In this chapter you will learn about:
- Running an integrated programme of operational security management, based upon the framework set out in ISO/IEC 17799:2000;
- Developing a culture in which all personnel have direct responsibility for enterprise security;
- Raising and maintaining awareness of security issues and practices throughout the enterprise business user community;
- Using conventional personnel management processes as a ...