One of the most critical elements for Management to develop in regards to Cybersecurity is the Information Systems Security Plan (ISSP). According to the SANS Institute; The purpose of the system security plan (SSP) is to provide an overview of the security requirements of the system and describe the controls in place or planned, responsibilities and expected behavior of all individuals who access the system. This critical document combined with your risk management framework, operational policies and procedures documents ultimately make up the core of your overarching security plan as a go-forward for your organization. Below you find a sample ISSP that I developed as part of my USD CSOL Masters work for a fictitious organization.
sample_issp.pdf | |
File Size: | 516 kb |
File Type: |