Security Procedures - 5.1

Summary

Security procedures involve formal processes for managing changes, onboarding/offboarding users, incident response through playbooks, and continuous monitoring and revision, all governed by centralized or decentralized structures to maintain organizational security and compliance.
Notes:

Change Management

  • A formal process for identifying, requesting, approving, and executing changes to systems or policies. The process usually involves assessing the scope of the change, identifying potential risks, and ensuring rollback options are in place in case of issues.

Onboarding/Offboarding

  • The process of provisioning (onboarding) or deprovisioning (offboarding) users by adding or removing access to organizational resources, ensuring appropriate permissions and access rights are granted or revoked.

Playbooks

  • Detailed procedures and predefined steps for responding to specific incidents (e.g., DDoS attacks, malware infections). Playbooks ensure that incident response teams follow a consistent and structured approach to managing security events.

Monitoring and Revision

  • The continuous process of monitoring and revising security policies and procedures to adapt to emerging threats, vulnerabilities, and changes in the organization's security environment.

Types of Governance Structures

  • Board: A high-level governing body responsible for defining the strategic direction and policies for the organization.
  • Committees: Groups tasked with executing the directives set by the board, often specializing in areas like IT governance or security.
  • Government Entities: Public-sector organizations responsible for enforcing governance in government and public-facing institutions.
  • Centralized/Decentralized: In centralized governance, decision-making authority is concentrated within a single body or location, while decentralized governance distributes authority across multiple locations or individuals.