A Security Plan is the definition and prioritization of a set of projects concerning information security aimed at reducing the risks to which the organization is exposed and ensure proper management of information security.
For the aproppriate development of the Master Plan Security is necessary to analyze the initial situation where the strategic objectives of the company are collected, the definition of the scope and obligations and good security practices to be met in the organization.
In the Seciruty Director Plan organizational aspects both human and technical procedural aspects associated with the security of information systems will be taken into account.
AUDEA take as a base the standard where Good Practice for the Management of Information Security (ISO 27002) are collected, and all the standards that are applicable specifically to the organization as aspects related to Cybersecurity (vulnerability analysis, ethical hacking, system security audits, etc.)
Ensure information security in the organization
- Cost reduction
- Define implementation priorities, dates, costs and resources
- Establish a project plan in the short, medium and long term
- Establish concrete measures