Despite our best efforts, sometimes things go wrong. The best way to handle situations should they arise, is to have a plan to act in advance, and keep that plan updated when threats change. This not only covers risks to your data by bad actors but plans in the event of a server outage or a natural disaster as a few examples.
tugboatlabs
Your formal Change Management Process will guide you through the planning and implementation of your changes. Documentation and approval need to cover all the changes in terms of software, enhancements, applications and any other systems or elements the changes will involve or touch.
Change happens whether we like it or not, and that holds true for an organization’s systems and offerings. Keeping track of these changes might be a tedious task, but critical for knowing when changes happened and who made them.
Creating a plan for Security Awareness Training is only half the battle. Implementing and ensuring that your employees follow that plan regularly is the key to implementing this control. Also, investing in training and security awareness programs is vital for sustainable business growth and success.
How you train your employees will largely determine their effectiveness and adherence to company policies. While many practices can be common sense and their skills catered specifically to the job they were hired to perform, a training plan can go a long way to ensure that elements of your organization stay safe, secure and run as smoothly as possible.
Evaluating and assessing your employees regularly will maintain momentum and ensure they continue to fulfill the requirements of the job.
Control of the Week #9 – Employee Handbook and Code of Conduct, and Code of Ethics This week’s controls are on the Employee Handbook and Code of Conduct, and Code of Ethics. Jose Costa (CISO at Tugboat Logic), Harpreet Shergill (Senior Manager, IS Risk & Compliance at Tugboat Logic), and Chika Nwajagu (Senior Security Analyst … Employee Conduct Standards: Know the Code(s)
Control of the Week #8: Background and Reference Checks This week’s control is on background and reference checks. Jose Costa (CISO at Tugboat Logic), Harpreet Shergill (Senior Manager, IS Risk & Compliance at Tugboat Logic), and Chika Nwajagu (Senior Security Analyst at Tugboat Logic) explain why user background and reference checks can be important to … Background Checks: Super Sleuthing for Your Security
Control of the Week #7: Password Control This week’s control is on passwords. Jose Costa (CISO at Tugboat Logic), Harpreet Shergill (Senior Manager, IS Risk & Compliance at Tugboat Logic), and Chika Nwajagu (Senior Security Analyst at Tugboat Logic) explain why user password control is important and how you can implement it for your audits. … How to Make Your Passwords Pass Audits
Control of the Week #6: Administrative Access This week’s control is on risk assessments. Jose Costa (CISO at Tugboat Logic), Harpreet Shergill (Senior Manager, IS Risk & Compliance at Tugboat Logic), and Chika Nwajagu (Senior Security Analyst at Tugboat Logic) explain why administrative access is important and how to conduct them in five steps. Why … Security Controls, Explained: Admin Access
Employee offboarding is difficulty time. Along with the implications to emotions and morale, you’ll need to ensure that your IT team properly revokes all access to maintain security policies. In this article, Jose Costa (CISO at Tugboat Logic), Harpreet Shergill (Senior Manager, IS Risk & Compliance at Tugboat Logic), and Chika Nwajagu (Senior Security Analyst … IT Employee Offboarding Checklist
User Access Review This week’s control is on user access review. Jose Costa (CISO at Tugboat Logic) and Harpreet Shergill (Senior Manager, IS Risk & Compliance at Tugboat Logic) explain why user access review is important and how you can implement it for your audits. What Is a User Access Review Procedure? “AC3.7 – User … How to Conduct User Access Review