Description
Course Project: Security Plan Document should contain the following components.
- Purpose (policy statement)
- Risk assessment
- Control activities (are you using firewalls with access rules, and do you have an intrusion prevention system [IPS] or intrusion detection system [IDS]?)
- Organization of information security (roles and responsibilities)
- Accountability of assets (who is responsible for what?)
- Communications
- Incident response team
- Incident response process