Security Planning Protocol Step 3: Risk Reduction

3-A. Identify and Evaluate Options: Create or Update Overall Security Plan

Identify desired solutions

Nature of security gap

Relevant best practices

Local capacity and resources

Available budget

Prioritize Actions

Potential organizational impact

Immediacy of threat

Cost of prevention vs. repairing damage

Time to implement

Likelihood of success

See “Security Planning Grid

3-B. Create and Implement Task-focused Action Lists

Assign responsibilities & Schedule actions

Reapply stress tests

Evaluate success

See “Security Task Worksheet”

3-C. Review & Revise Standard Operating Procedures & Policies

Analyze lessons learned

Discuss needs with decision-makers

Revise operating procedures

OUTCOME:
Implemented Security Plan
Risk Analysis and Risk Reduction process must be regularly repeated to ensure effectiveness

Categories:

6/19/2013 10:30 AM	Texas CTO Clinic
6/20/2013	CETL Exam Administration; Austin, TX
6/27/2013	Florida CTO Clinic
7/18/2013	Missouri CTO Clinic
7/19/2013	CETL Exam Administration; St. Louis, MO

• Would you know what to do if you became a cybercrime victim?

• Learn how to protect yourself & your family.

• Protect all devices that connect to Internet.

• Keep passwords stored in a safe place

• different password for every account

Consortium for School Networking (CoSN) 1025 Vermont Avenue NW, Suite 1010 Washington, DC 20005-3599 Toll Free 866.267.8747 Telephone 202.861.2676 Fax 202.393.2011		Attribution-Noncommercial

Home | About CoSN | Privacy Policy | Press Room | Contact Us