chapter02

chapter02 - Management of Information Security 2-1 Chapter...

Info iconThis preview shows pages 1–3. Sign up to view the full content.

View Full Document Right Arrow Icon
Management of Information Security 2-1 Chapter 2 Planning for Security Chapter Overview In this chapter, the reader will come to recognize the importance of planning and learn the principal components of organizational planning as well as gaining an understanding of the principal components of information security system implementation planning as it functions within the organizational planning scheme. Chapter Objectives When you complete this chapter, you will be able to: Recognize the importance of planning and describe the principal components of organizational planning. Know and understand the principal components of information security system implementation planning as it functions within the organizational planning scheme. Introduction In general, a successful organization depends on proper organizational planning. In a setting where there are continual constraints on resources, both human and financial, good planning enables an organization to make the most out of the resources at hand. Planning usually involves groups and organizational processes internal or external to the organization. They can include employees, management, stockholders, other outside stakeholders, the physical environment, the political and legal environment, the competitive environment, and the technological environment.
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Management of Information Security 2-2 The major components of a strategic plan include the vision statement, mission statement, strategy, and a series of hierarchical and departmental plans. Developing the organizational plan for information security depends upon the same planning process. Since the information security community of interest seeks to influence the broader community in which it operates, the effective information security planner should know how the organizational planning process works so that participation in the process can yield meaningful results. The dominant means of managing resources in modern organizations, planning is the enumeration of a sequence of action steps intended to achieve specific goals, and then controlling the implementation of these steps. Planning provides direction for the organization’s future. Organizational planning should be undertaken using a top-down process in which the organization’s leaders choose the direction and initiatives that the entire organization should pursue. The primary goal of the organizational planning process is the creation of detailed plans: systematic directions on how to meet the organization’s objectives. This is accomplished with a process that begins with the general end ends with the specific. Components of Organizational Planning The mission statement explicitly declares the business of the organization, as well as its intended areas of operations. It is, in a sense, the organization’s identity card. Mission
Background image of page 2
Image of page 3
This is the end of the preview. Sign up to access the rest of the document.

Page1 / 21

chapter02 - Management of Information Security 2-1 Chapter...

This preview shows document pages 1 - 3. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online