NCJ Number
100245
Journal
Computer Security Journal Volume: 3 Issue: 2 Dated: (Winter 1985) Pages: 31-38
Date Published
1985
Length
8 pages
Annotation
Steps for effective strategic planning in the area of computer security are outlined, including establishing a baseline assessment, developing a strategic perspective, understanding requirements, and enlisting user cooperation.
Abstract
The proactive and integrated approach begins with a baseline assessment to identify systems capabilities, strengths, and weaknesses. A perspective is then developed based on a sense of the strategic directions and priorities that drive the user communities in the organization. This information is used to build a security information architecture to aid in clearly understanding who needs what information and what exposures are associated with providing that information. It is also necessary to analyze the technology lifespan and project the organization's future information needs. A delivery strategy and master plan is developed based on sound management principles. The assessment of the security function and master plan and its objectives should be presented to all levels of management.