Principles to avoid mistakes
Information Security - Structuration and implementation

Add to my library

H5120 V2 Article

Principles to avoid mistakes


Information Security - Structuration and implementation

Author : Nicolas DUFOUR

Publication date: July 10, 2025 | Lire en français

Add to my library Add to my library

Logo Techniques de l'Ingenieur You do not have access to this resource.
Request your free trial access! Free trial

Already subscribed?

1. Principles to avoid mistakes

One of the key organizational principles for information systems security is to have a dedicated ICT (information and communication technologies) risk management framework, a dedicated audit and testing plan, and a specific training and awareness program. This also takes into account the need to monitor risks via a dedicated dashboard. Figure 1 illustrates these principles, which concern the implementation of a global governance framework for the management of risks linked to information and communication technologies (ICT), the implementation of a dashboard enabling regular monitoring of these risks, the implementation and monitoring of information system security audit tests, and the monitoring of employee training in information security issues.

You do not have access to this resource.
Logo Techniques de l'Ingenieur

Exclusive to subscribers. 97% yet to be discovered!

You do not have access to this resource. Click here to request your free trial access!

Already subscribed?


Article included in this offer

"Security of information systems"

( 88 articles )

Complete knowledge base

Updated and enriched with articles validated by our scientific committees

Services

A set of exclusive tools to complement the resources

View offer details

Dans les ressources documentaires

Le protocole SSH

Le protocole SSH (Secure Schell) constitue une approche puissante, pratique et sécurisé pour protéger les...

Sécurité de l’information, cybersécurité et protection des données de vie privée - NF EN ISO/IEC 27001 : 2023

La sécurité de l'information fait partie du périmètre de la normalisation (ISO et AFNOR). À savoir les no...

ITIL® et ISO 20000 - Comment bien préparer sa certification de prestations de service IT ?

ITIL® (Information Technology Infrastucture Library) constitue un ensemble de bonnes pratiques à l'intent...

Protocoles SSL/TLS

Cet article a pour objet la sécurisation des applications de type client-serveur sur Internet. La démarch...

Tous les livres blancs
Toutes les actualités
Contact us