Donald Johnston
I started consulting because of my work experience in: Systems Management - processes used to manage information systems; IT Architecture - infrastructure definition & readiness; Security - Privacy and Trust; & Education - curriculum development & course delivery. <a href="http://www.maseconsulting.com" title="http://www.maseconsulting.com" target="_blank">http://www.maseconsulting.com</a>
Articles by this Author
Information Security Requires Only One Policy
- By N/A
- Published 02/6/2010
- Business Management
- Unrated
Large "P" policy vs small "p" polices
Does An Information Security Policy Create Corporate Implications?
- By N/A
- Published 02/6/2010
- Business Management
- Unrated
It's fairly easy to declare an information security policy such as “information is a valuable asset and must be protected by all personnel”; but what are the implications to your company of such a policy
For starters it means people must recognize that information is a company asset and has value, that it includes electronic and physical information as well as the spoken word, that it must be protected from unauthorized disclosure, and that no one is exempt (including the CEO and the board)
Information Security Metrics (Objectives With Measurements)
- By N/A
- Published 02/6/2010
- Business Management
- Unrated
Many people find the idea of creating Information Security Metrics to be a daunting task This article will help you by reviewing what is required to create a set of meaningful metrics for your Information Security Program
Information Asset Profiling (i.e. Characterize Your Data)
- By N/A
- Published 02/10/2010
- Business Management
- Unrated
An Information Asset Profile (IAP) will help you to characterize you information assets to ensure you're providing the necessary level of security protection An IAP is one of the primary inputs necessary for a successful threat risk assessment (TRA)
