Risk assessment
Managing the uncertainties of a threat.
Application Development
Ensuring your applications are architected, designed and coded to high, secure standards.
Security policy
Define management direction.
Organization of information security
Governance of information security
Asset management
Inventory and classification of information assets.
Human resources security
Security aspects for employees joining, moving, and leaving an organization - Identity and Access Management (I&AM).
Physical and environmental security
Protection of the computer facilities.
Communications and operations management
Management of technical security controls in systems and networks.
Access control
Restriction of access rights to networks, systems, applications, functions and data
Information systems acquisition, development and maintenance
Building security into applications
Information security incident management
Anticipating and responding appropriately to information security breaches
Business continuity management
Protecting, maintaining and recovering business-critical processes and systems.
Compliance
Ensuring conformance with information security policies, standards, laws and regulations