>enterprise special interests
>smb special interests
>industry special interests
home > guidance > enterprise special interests


Which strategic actions work?


Automating and improving IT controls rank as the two most consistent strategic actions taken by a majority of the firms with the least loss or theft of sensitive data (Figure 1).

 

Figure 1: Strategic actions





























Source: IT Policy Compliance Group, 2007

 

Guidance recommendations

 

Assess the performance results of your firm against the industry benchmark results to determine which additional actions will most help to protect sensitive data.  Use the actions taken by the leaders as a results-guidepost and take the actions that will most improve results for your organization.  These may include:

 

·       Automating IT controls

·       Improving IT controls

·       Delivering training to employees and managing exceptions to policy

·       Increasing the frequency of measurements and reporting

·       Maintaining an inventory of sensitive data

 

 

© IT Policy Compliance Group, 2007

 

 

 









Asked why he was brought in to replace the previous CSO, this person said, "business risk and project management skills instead of technology." more...



Latest Blog Topics:

Topic : Policy Shapes Outcomes
Topic : Who’s sets objectives: Legal, Business lines or IT?
Topic : Who Manages Information Security?

© 2008 IT Policy Compliance Group, USA, All Rights Reserved.privacy policy | terms of use | contact us