Information Security and Maintenance

---

Information Security Maintenance

Objectitives:

• Understand the need for ongoing maintenance of the information security program
• List the recommended security management models
• Define a model for a full maintenance program
• Identify key factors involved in monitoring the external and internal environment
• Describe the process of aquiring, analyzing and maintaining potential evidentiary material

• Describe how planning, risk assessment, vulnerability assessment, and remediation tie into infofrmation security maintenance
• Explain how to build readiness and review procedures into information security maintenance
• Define digital forensics and describe the management of the digital forensics function

---

Introduction

After sucessfully implementing and testing new and improved information security profile, an organization may beginfeeling more confident about the level of protection it is providing for its information assets. But not so fast: The threats that were originally assessed have most likely changed and new priorities have emerged. Developing a comprehensive list of all possible factors in an organization's environment is an important goal to work towards.

---

Documents Needed:

• PDF Slides
• Crossword Puzzel
• Glossary

Work Due in Class

• Questions for Chapter 12

Additional Resources

1. Computer Forensics Investigator

http://www.jobprofiles.org/govcpolice1.htm

1. SANS Reading Room – Penetration Testing

http://www.sans.org/reading_room/whitepapers/testing/ 

1. Business Software Alliance – Information Security Governance

http://download.entrust.com/resources/download.cfm/20935/ 

1. High Tech Crime Institute

http://www.hightechcrimeinstitute.com/

1. High Tech Crime Network

http://www.htcn.org/

Related Videos