Preparing for Information and Data Security

In this chapter, we will be discussing the important activities required to establish an enterprise-wide information security program with a focus on executive buy-in, policies, procedures, standards, and guidelines.

In this chapter, you will learn:

• Planning concepts associated with the information security program establishment
• Information security program success factors
• SDLC integration of the information security program
• Information security program maturity concepts
• Policies, procedures, standards, and guidelines