Information security
Understand the information security lifecycle
- Understand what information and ICT systems you need to protect
- Assess the risks to your information security
- Design fit-for-purpose information security measures
- Implement your information security measures
- Validate your security measures
- Operate and maintain to stay secure
- Review your security measures
- Retire information securely
INF005
Creating a security culture
Everyone in your organisation needs to be part of your security culture. Otherwise, your security processes and tools won’t be effective.
It only takes one malicious email attachment to potentially compromise your entire organisation. You need to make sure your people and partners:
- understand the security risks
- understand your information security policies
- adopt the right security behaviours.
To get everyone on board, it is critical to provide security awareness training and ongoing support.
Your chief information security officer (CISO) or other senior manager is responsible for your organisation’s information security, in line with the overall protective security policy.
Page last modified: 4/05/2022