A top priority for any organization today should be the establishment and successful operation of an information security program. As you begin the planning for your information security program, you must take into account the unique aspects of your organization. Some of these aspects include:
- Organization size: The information security program for a small custom metal fabricator will be very different than for a car manufacturer.
- Organization industry: An organization that is focused on oil and gas exploration will have very different concerns than an organization that produces frozen TV dinners.
- Organization compliance factors: Do you process credit cards? Do your customers include governmental agencies? Are you publicly traded? Answers to these questions will affect the organization and operations of your information security program...