- Posted by fedco
- On April 17, 2015
- it security, it security assurance, it security assurance lifecycle
The IT security assurance lifecycle consists of several entities that drive the achievement of a secure IT environment during the system lifecycle.
The entities of the lifecycle are:
1. Strategic Planning
2. Asset Characterization and Management
3. Risk Assessment and Management
4. Security Controls and Counter Measures
5. IT Security Audit and Assessment
6. Controls Catalog Management
7. Deployment and Execution
8. Sustainability Management
The IT security assurance lifecycle is a common approach to achieving a sustainable, secure IT environment in an organization. The whole process is a long-term one, with several activities driving project implementation, policy development, resource capability enhancement, corporate security culture, etc.
These activities are not simple, but neither are they impossible. The key is corporate involvement and management buy-in: adherence and commitment to the IT security assurance implementation across the step-by-step cycle.
The bottom line to note is how essential IT security awareness is within the organization, through both bottom-up and top-down approaches. With this in place, IT security assurance can be achieved through the security culture developed in the corporation.