|
The objective of Infomation Assurance is to ensure
that your information systems support your business objectives as
effectively and efficiently as possible.
The core of Information Assurance is the pragmatic
management of Risk - as it affects your organisation. Risk can be
managed by a combination of Security Controls and Contingency Arrangements
and plans.
Information Assurance works by Integrating the measures
you have taken to protect your organisation:
- Business
Continuity Plans and Management System (BCP and BCMS)
- Information
Security Management System (ISMS)
- Operational and Information
Risk Management systems
- Technology
- Policies and procedures
and practices
- Other management systems
- (ISO 9000, 14000 etc)
- Training, awareness and
cultural issues
This is often simpler than it looks - generally speaking there
are significant overlaps - and results in considerable savings in
terms of overhead cost and resources.
A carefully designed ongoing management strategy then allows you
to retain these savings into the future.
Our white paper on "Linking
BCP and ISM" may be of interest in this connection.
|
