Information Security People Evaluation Template

Component | Score (0–2) | Comments
Strategy
  • Written information security strategy

  
  • Strategy updated on regular basis

  
  • Proactive versus reactive organization

  
  • Minimal impacts to business operations due to security issues

  
  • Industry compliance issues (for example, HIPAA) have been addressed

  
  • Industry certifications (for example, BS 7799) have been achieved

  
Components
  • Qualified leader (for example, CISSP) of organization

  
  • Experienced staff with necessary training

  
  • Dedicated information security staff

  
  • One staff per 1,000 personnel

  
  • Ongoing training program in place

  
Administration
  • Function provides regular status reports to executive staff and board of directors

  
  • Executive staff own the information security ...

Get Executive Guide to Information Security, The: Threats, Challenges, and Solutions now with the O’Reilly learning platform.