What is security management?
Security management is not a one time exercise. It is a continuous operation that needs to be embedded within the entire organisation.
Security management deals with controlling the confidentiality, integrity and availability of information, information systems and infrastructure for an organisation.
Security management is a continuous process with repeating steps of analysing, implementing, controlling and improving.
You are never done. Every change, whether in the business, the rules and regulations, technologies or in staff, requires a regular evaluation and adaptation.
This white paper is a product of the Geant SIG Information Security Management and describes what the management of information security
entails and how it can be implemented in an organisation.