Tag Archives: mobile security

5 Steps to IT Excellence – Step 2: Risk & Impact

In our last post, we covered the Overall Assessment, which is largely a data gathering step. By now we should have a spreadsheet of potential projects, along with a WHOLE LOT more knowledge about the overall IT environment. We should understand the general flow of data, primary systems and integration points, overall network layout, and any existing policies. We should also have a good general understanding of vendor and staff skillsets. Next, we’ll build out the risk/impact prioritization – starting with the spreadsheet we created in our first step.

About Security Policies

Perhaps this has happened to you…
I was just starting to feel like I have control over the number of tasks I need to complete, when I get the following request from our quality group – there are 9 expired IT policies that need to be reviewed, revised, and approved. A quick review shows that some require a total rewrite.