IT Security Management: a process used to achieve and maintain appropriate levels of confidentiality, integrity, availability, accountability, authenticity and reliability. IT security management functions include:
developing and implement a security awareness program
detecting and reacting to incidents
ISO 27000 Security Standards
IT Security Management Process
Plan - Do - Check – Act (Deming Cycle)
establish policy; define
objectives and processes
implement and operate
policy, controls, processes
assess and measure
and report results
take corrective and
preventative actions
(based on audits)