IT Examiner School eBook

Security vs Performance

• Security. Security is a trade off in performance, useability, backward compatibility.

Security

• Balance. Companies must tradeoff and strike a balance between the amount of security, regulatory obligations and risk tolerance. • C-I-A must be considered when applying the appropriate amount of security into an environment.

Performance

The Elements of Information Security

Board & Executive Oversight

Supports the mission of the organization

Requires a comprehensive and integrated approach

Protect assets of the Organization

Protections are implemented based on risk informed decision making

Interdependencies of security controls are assessed and monitored

Cultural adoption through awareness & skills training

Roles and Responsibilities are explicit