Sunday, April 5, 2015

Defining an Enterprise-wide Security Framework



This article defines the knowledge management system, the Enterprise Security Architecture System (ESAS), developed by PriceWaterhouseCoopers. The ESAS is primarily built upon PPT (People, Policy & Technology).

What is PPT methodology?

PPT methodology can be depicted in the form of a Venn diagram showing the controls as three core elements. If the issue is broken down into the three core elements, action items can be determined for each core element. In this manner, control coverage can be moved from one element to two, and ultimately to coverage by all of the elements.

Understanding the Security Framework:

The Information Security framework provides the overall model for developing comprehensive security programs. The framework illustrates an enterprise approach for security.
The key elements, also referred to as the "Four Pillars" to Information Security, include:
  • Solid Senior Management Commitment
  • An overall Security Vision and Strategy
  • A comprehensive Training and Awareness Program
  • A solid Information Security Management Structure including key skill sets and documented responsibilities
                     

This indeed serves as a good base to frame a security model for any organization. Keeping the phases as a guideline to incorporate the business functions and levels of security will serve to make a difference in protecting the organization's valuable assets and enable the security team to work on improving every bit of the model.
          
