Introducing the Assessment Process
The assessment process can be carried out in one of three ways: level I, level II, or level III types. A level I assessment is focused on information. Level I assessments require you to request and review all the security policies and procedures the organization has. This job has been simplified because the documentation has been broken into 18 distinct classes, which are shown in Table 7.1. Each of the classes of policies will be discussed in this chapter. After these documents are reviewed, you can progress to employee interviews. The interviews are with the people who carry out the day-to-day tasks outlined in the various policies that were reviewed. They will be able to provide you with valuable information ...
Get Inside Network Security Assessment: Guarding Your IT Infrastructure now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
