D.1 Information Security Strategy Development

geplaatst in: Bedrijven, e-CF competenties, e-CF functies | 0

Description

Defines and makes applicable a formal organisational strategy, scope and culture to maintain safety and security of information from external and internal threats, i.e. digital forensic for corporate investigations or intrusion investigation.

Provides the foundation for Information Security Management, including role identification and accountability.

Uses defined standards to create objectives for information integrity, availability, and data privacy.

 

Levels

Level 4

Exploits depth of expertise and leverages external standards and best practices.

 

Level 5

Provides strategic leadership to embed information security into the culture of the organisation

 

Knowledge

The potential and opportunities of relevant standards and best practices

The impact of legal requirements on information security

The information strategy of the organisation

Possible security threats

The mobility strategy

The different service models (SaaS, PaaS, IaaS) and operational translations (i.e. cloud computing)

 

Skills

Develop and critically analyse the company strategy for information security

Define, present and promote an information security policy for approval by the senior management of the organisation

Apply relevant standards, best practices and legal requirements for information security

Anticipate required changes to the organisation’s information security strategy and formulate new plans

Propose effective contingency measures

 

Functies met D.1 Information Security Strategy Development competentie

ICT Security Manager