The IT Security Plan and process is a first step to eliminating system and information compromises.
1. Take an inventory of your physical and information assets (what are you protecting?).
2. Perform a risk assessment to determine what level of security is needed to protect your information assets.
3. Complete the checklist to make you aware of your security strengths and weaknesses.
4. Complete an evaluation. Evaluate your findings and discuss recommendations to correct deficiencies and/or improve security with departmental administration and IT staff.
5. Develop a security plan. Create a Security Plan with target dates for implementation.
Assign responsibilities and target dates for the plan. Then monitor progress with reports on improvements and security initiatives.