To enable members of an organisation wherein Information Security [InfoSec] management is of importance, a summary of the principles and practices of InfoSec is required. This guide was created with the intention of providing a concise resource and reference point for Security Consultants in relation to InfoSec management.
For this guide, relevant information was collected and utilised from various sources regarding the principles and practices of InfoSec Management within organisations.
A brief narrative on the history of InfoSec is provided. Key topics and concepts of InfoSec management are discussed for the sake of clarity on the subject matter.
Some statistical information is provided demonstrating primary concerns related to InfoSec breaches and the fiscal consequences of those violations.
This guide concludes by confirming that InfoSec Management is a critical component of an organisation and that awareness training amongst its personnel is a crucial factor for the success of an InfoSec program and the security of an organisations information.