HHS Cybersecurity Program Training Information Security for Information Technology (IT) Administrato... - page 19 / 158

U.S. Department of Health and Human Services

As outlined in NIST SP 800-100, Information Security Handbook: A Guide for Managers, the foundations of an effective information security program are as follows:

Information Security Governance;

System Security Planning (SSP);

Integration of Information Security throughout the EPLC;

Managing Risk;

Security Services and Products Acquisition;

Security Authorization (formerly Certification and Accreditation (C&A)) and Periodic Security Assessments;

Security Awareness and Training;

IT Contingency Planning (CP);

Incident Response;

Configuration Management; and

Program Performance Measurement.

Page 4 of 6

Information Security Program Management Information Security Program Elements
