MD
Uploaded byMarcel Dera
PDF, PPTX42 views

Security Framework

This document outlines security controls and processes across four key areas: security management, access controls, contingency planning, and configuration management. It details activities like regularly reviewing and updating security documentation, performing account reviews to remove inactive accounts, testing contingency plans and backups, managing patches and vulnerabilities, monitoring networks and logs, and ensuring proper configuration management. The overall goal appears to be maintaining strong security practices and controls across the organization.

Embed presentation

Download as PDF, PPTX
Framework Security Management Access Controls Contingency Planning Configuration Management Security Management – Review and update key security documentation Accounts Management – period reviews to ID and remove generic and inactive accts on systems and networks. Contingency Plan Baseline Configuration/Configuration Settings Process to ensure contractors complete Security Authorization Packages. Monitor production environments for individuals with elevated system privileges Contingency Plan Testing Patch and Vulnerability Management (database platforms & networks) Background investigations Monitoring network and audit logs and maintain in accordance with policies. Alternate Processing Approved and unapproved software, process for monitoring, presenting installation and removing unauthorized software. Ensure Position Descriptions are appropriately marked for position risk and sensitivity levels. Backup Testing Process to ensure closed issues are adequately supported with appropriate documentations Building a house on the right frames
24 Hours Configuration Management Access Control Contingency Planning Security Management Vulnerability Assessment Auditing

More Related Content

PPT
Network security
byNur Aishah Roslan
 
PDF
Professional Roles and Responsibilities
byMahesh Hiremath
 
PDF
Understanding the Risk Management Framework & (ISC)2 CAP Module 1: Exam
byDonald E. Hester
 
PDF
Understanding the Risk Management Framework & (ISC)2 CAP Module 13: Contingen...
byDonald E. Hester
 
DOC
Knowedge Skills Ability
byJoseph Lynn
 
PPTX
Automating for NERC CIP-007-5-R1
byTripwire
 
PPT
NIST 800-37 Certification & Accreditation Process
bytimmcguinness
 
PPTX
FISMA NextGen - Continuous Monitoring, Near Real-Time Risk Management
bydanphilpott
 
Network security
byNur Aishah Roslan
 
Professional Roles and Responsibilities
byMahesh Hiremath
 
Understanding the Risk Management Framework & (ISC)2 CAP Module 1: Exam
byDonald E. Hester
 
Understanding the Risk Management Framework & (ISC)2 CAP Module 13: Contingen...
byDonald E. Hester
 
Knowedge Skills Ability
byJoseph Lynn
 
Automating for NERC CIP-007-5-R1
byTripwire
 
NIST 800-37 Certification & Accreditation Process
bytimmcguinness
 
FISMA NextGen - Continuous Monitoring, Near Real-Time Risk Management
bydanphilpott
 

What's hot

PDF
Vulnerability Scans & Penetration Test Comparison Chart
byI.S. Partners, LLC
 
DOC
Professional Roles and Responsibilities
byMahesh Hiremath
 
PDF
Understanding the Risk Management Framework & (ISC)2 CAP Module 6: Categorize
byDonald E. Hester
 
PDF
Practical IT auditing
byFrederick Altum Pokoo-Aikins
 
PPTX
RMF Roles and Responsibilities (Part 1)
byDonald E. Hester
 
PDF
Understanding the Risk Management Framework & (ISC)2 CAP Module 10: Authorize
byDonald E. Hester
 
PDF
Information Security Continuous Monitoring within a Risk Management Framework
byWilliam McBorrough
 
PPTX
Security and Risk management in SDLC Software development Life cycle
bySandeep Sharma IIMK Smart City,IoT,Bigdata,Cloud,BI,DW
 
DOC
Professional Roles and Responsibilities
byMahesh Hiremath
 
PDF
fsp_22Sep15
byFelicia Pearson
 
PDF
Understanding the Risk Management Framework & (ISC)2 CAP Module 7: Select Con...
byDonald E. Hester
 
PPT
Isa 4
byDarshan Kumar
 
PPTX
Ceps departmental environment
bycepsuclan
 
PDF
NIST cybersecurity framework
byShriya Rai
 
DOCX
Network Security Expert and Risk Analyst
byAshok K DL
 
PPT
The security sdlc
byMohamed Siraj
 
PPTX
Geist Presentation
bystacygriggs
 
PDF
ClinMetanoia_Single
byRaghuveer Swarnapuri
 
DOC
01-15a
bySusan Walser
 
PPTX
Continual Monitoring
byTripwire
 
Vulnerability Scans & Penetration Test Comparison Chart
byI.S. Partners, LLC
 
Professional Roles and Responsibilities
byMahesh Hiremath
 
Understanding the Risk Management Framework & (ISC)2 CAP Module 6: Categorize
byDonald E. Hester
 
Practical IT auditing
byFrederick Altum Pokoo-Aikins
 
RMF Roles and Responsibilities (Part 1)
byDonald E. Hester
 
Understanding the Risk Management Framework & (ISC)2 CAP Module 10: Authorize
byDonald E. Hester
 
Information Security Continuous Monitoring within a Risk Management Framework
byWilliam McBorrough
 
Security and Risk management in SDLC Software development Life cycle
bySandeep Sharma IIMK Smart City,IoT,Bigdata,Cloud,BI,DW
 
Professional Roles and Responsibilities
byMahesh Hiremath
 
fsp_22Sep15
byFelicia Pearson
 
Understanding the Risk Management Framework & (ISC)2 CAP Module 7: Select Con...
byDonald E. Hester
 
Isa 4
byDarshan Kumar
 
Ceps departmental environment
bycepsuclan
 
NIST cybersecurity framework
byShriya Rai
 
Network Security Expert and Risk Analyst
byAshok K DL
 
The security sdlc
byMohamed Siraj
 
Geist Presentation
bystacygriggs
 
ClinMetanoia_Single
byRaghuveer Swarnapuri
 
01-15a
bySusan Walser
 
Continual Monitoring
byTripwire
 

Similar to Security Framework

PPTX
Security Baselines and Risk Assessments
byPriyank Hada
 
PPTX
Database development and security certification and accreditation plan pitwg
byJohn M. Kennedy
 
PDF
Ch08 8 Information Security Process it-slideshares.blogspot.com
byphanleson
 
PDF
The New Normal - Rackspace Solve 2015
byMajor Hayden
 
PDF
Understanding security operation.pptx
byPiyush Jain
 
PPTX
Cybersecurity Framework Luncheon Presentation 1-18-18.pptx
bytrinirebel1
 
ODP
Cissp Week 23
byjemtallon
 
PPT
Cyber crime with privention
byManish Dixit Ceh
 
PPTX
Security & control in mis
byVishal Patyal
 
PPT
Compliance Awareness
byDinesh O Bareja
 
PPT
SOC presentation- Building a Security Operations Center
byMichael Nickle
 
PPTX
IT Security Protecting Data and Ensuring System Integrity.pptx
byAltius IT
 
PPTX
Funda mental of information CHAPTER TWO.pptx
byjamsibro140
 
PDF
Ch09 Information Security Best Practices
byphanleson
 
PDF
Better security through IT operations
byslighltyanon
 
PPT
Security For Outsourced IT Contracts
byBill Lisse
 
PPTX
providenetworksystemadministration.pptxhnnhgcbdjckk
bykebimesay23
 
PDF
Implementing a Security Management Framework
byJoseph Wynn
 
PPTX
Building a database security program
bymatt_presson
 
PPTX
chp unit 1 Provide Network System Administration.pptx
byTadeseBeyene
 
Security Baselines and Risk Assessments
byPriyank Hada
 
Database development and security certification and accreditation plan pitwg
byJohn M. Kennedy
 
Ch08 8 Information Security Process it-slideshares.blogspot.com
byphanleson
 
The New Normal - Rackspace Solve 2015
byMajor Hayden
 
Understanding security operation.pptx
byPiyush Jain
 
Cybersecurity Framework Luncheon Presentation 1-18-18.pptx
bytrinirebel1
 
Cissp Week 23
byjemtallon
 
Cyber crime with privention
byManish Dixit Ceh
 
Security & control in mis
byVishal Patyal
 
Compliance Awareness
byDinesh O Bareja
 
SOC presentation- Building a Security Operations Center
byMichael Nickle
 
IT Security Protecting Data and Ensuring System Integrity.pptx
byAltius IT
 
Funda mental of information CHAPTER TWO.pptx
byjamsibro140
 
Ch09 Information Security Best Practices
byphanleson
 
Better security through IT operations
byslighltyanon
 
Security For Outsourced IT Contracts
byBill Lisse
 
providenetworksystemadministration.pptxhnnhgcbdjckk
bykebimesay23
 
Implementing a Security Management Framework
byJoseph Wynn
 
Building a database security program
bymatt_presson
 
chp unit 1 Provide Network System Administration.pptx
byTadeseBeyene
 

Security Framework

  • 1.
    Framework Security Management AccessControls Contingency Planning Configuration Management Security Management – Review and update key security documentation Accounts Management – period reviews to ID and remove generic and inactive accts on systems and networks. Contingency Plan Baseline Configuration/Configuration Settings Process to ensure contractors complete Security Authorization Packages. Monitor production environments for individuals with elevated system privileges Contingency Plan Testing Patch and Vulnerability Management (database platforms & networks) Background investigations Monitoring network and audit logs and maintain in accordance with policies. Alternate Processing Approved and unapproved software, process for monitoring, presenting installation and removing unauthorized software. Ensure Position Descriptions are appropriately marked for position risk and sensitivity levels. Backup Testing Process to ensure closed issues are adequately supported with appropriate documentations Building a house on the right frames
  • 2.