Security frameworks awareness module released

The security awareness module for July concerns conceptual or architectural frameworks, standards, methods and good practices in the area of information risk and security – ‘security frameworks’ or ‘frameworks’ for short.

Both the organization and individual workers are obliged to comply with various rules concerning information security.  Some rules are imposed on us by external authorities in the form of laws and regulations, others we impose on ourselves through corporate policies and procedures, contracts etc. 

There are numerous laws and regulations relating to information security, far too many for us to cover in detail.  We can only talk in general terms. 

We face a similar practical constraint with corporate security policies, procedures etc.: we are not familiar with our customers' policies, nor with their current internal compliance challenges. But the ‘policy pyramid’ is a near universal structure or framework, so the generalities apply again ... and for good measure we're supplying an updated suite of 71 security policy templates along with July's awareness content (the policies are sold separately too).

The module provides a sound platform or starting point to raise awareness of good security practices, frameworks and structured approaches. 

Next month we’ll move on to cover insider threats - threats originating within the organization from its employees, contractors, consultants, temps, interns and more.  August’s module will be simpler and more practical, less conceptual than July’s.