The Information Systems Security Officers Guide: Establishing and Managing an Information Protection Program
|
Remember that your primary goal is to administer an innovative CIAPP that minimizes information protection risks at least impact to costs and schedules, while meeting all of IWC's and customers' reasonable expectations.
You must have as your objectives at least the following:
-
Enhance the quality, efficiency, and effectiveness of the CIAPP.
-
Identify potential problem areas and strive to mitigate them before they adversely affect processes, and especially before IWC management and/or customers identify them.
-
Enhance the company's ability to attract customers because of the ability to efficiently and effectively protect their information.
-
Establish and manage the InfoSec organization as the leader in the widget industry.
|