APPENDIX 2: ISM ACTIVITIES
There are many activities or tasks that an ISM has to contend with and they obviously can’t all be done in one month. You need to try and spread your activity across the year with some level of planning, so that you are not constantly fire-fighting. Below are the key headlines from each of the chapters, represented as task points for an ISM to focus on.
ISM activities – January
• Embedding security culture
• Desktop refresh and consumerisation
• Incident reporting
• Data-sharing protocols/information sharing agreements
• Records management
• Penetration testing
• Environmental management issues
ISM activities – February
• User administration (and rights management)
• Inventory management
• Review back-up arrangements ...
Get Once More Unto the Breach: Managing information security in an uncertain world now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
