Jump to content
Sign in to follow this  
Guest Alex Calis

Prioritizing Functions for Small/Large Businesses

Recommended Posts

Guest Alex Calis

In creating a Target Profile and an Action Plan, prioritizing the Functions is important to an effective Framework implementation. Depending on the organization, it may make sense to define a Target State that is very thorough in one Function, but modest in another.  Similarly, an organization may prioritize one Function over another when it comes to implementing an Action Plan.  

 

To help determine this priority, an organization should review the previously determined scope of the project, focusing on mission drivers and critical business functions.  For organizations with a more developed cybersecurity program, prioritizing Functions should be based on risk.  The organization should focus on developing the processes of governance and compliance, measuring implementation progress, and tracking.  This helps ensure the appropriate infrastructure is in place to achieve continued security.  For organizations with a less developed cybersecurity program, prioritizing Functions should be focused on quick ways to improve security, like implementing patching and password policies.  This will allow the security program to grow and establish baselines to aid in a later implementation of more advanced concepts.

Share this post


Link to post
Share on other sites
Sign in to follow this  

×