Security management is not a one time exercise. It is a continuous operation that needs to be embedded within the entire organisation.
Security management deals with controlling the confidentiality, integrity and availability of information, information systems and infrastructure for an organisation.
Security management is a continuous process with repeating steps of analysing, implementing, controlling and improving.
You are never done. Every change, whether in the business, the rules and regulations, technologies or in staff, requires a regular evaluation and adaptation.
This white paper is a product of the Geant GÉANT SIG Information Security Management and describes what the management of information securityentails security entails and how it can be implemented in an organisation.