When you add a new element to your security program, does that add an additional burden on you?
Overly burdensome security programs often have these attributes:
- High personnel stress level
- Long work hours for managing personnel
- Good business practices tend to fade
- Security program documentation goes out of date
- It becomes increasingly harder to keep up with business changes and risk changes
The Missing Management Process
In most such cases what’s missing from security process and procedures is an appropriate process for managing security.
Correct security program expansion can hold its own without unusual efforts. That requires a well-defined process for managing security that is:
- appropriate to the scope and purpose of the security function
- appropriate to the specific business organization
Implementing an Appropriate Management Process
The ANSI/ASIS standard for Organizational Resilience defines such a process that is tailorable to your security program’s scope and purpose, as well as to your business.
There is also an Organizational Resilience Maturity Model that you can use to implement the management process in an easy, step-by-step fashion. It’s also designed to help you get strong support from senior management.
To learn a little about how this standards-based management process might help you, call Ray Bernard at (949) 831-6788.