Elements and Performance Criteria
- Implement security plan
- Monitor the risk environment
- Determine and document strategies to monitor the risk environment.
- Monitor security risks, types and sources of threats to detect changing circumstances that may alter risk management priorities.
- Conduct monitoring on a regular basis.
- Monitor organisational changes to identify circumstances where re-examination of the security environment becomes necessary.
- Document and act upon results of monitoring.
- Evaluate security plan
- Monitor risk treatments to gauge extent and effectiveness of implementation.
- Evaluate treatments against the objectives of the security plan.
- Obtain feedback from stakeholders on the adequacy and need for current security measures affecting their work area.
- Identify and address weaknesses in the security plan.
- Review the plan on an ongoing basis, to detect exceptional incidents, breaches, and changes in circumstances.
- Update the plan to reflect current circumstances.
- Implement security plan
- Monitor the risk environment
- Determine and document strategies to monitor the risk environment.
- Monitor security risks, types and sources of threats to detect changing circumstances that may alter risk management priorities.
- Conduct monitoring on a regular basis.
- Monitor organisational changes to identify circumstances where re-examination of the security environment becomes necessary.
- Document and act upon results of monitoring.
- Evaluate security plan
- Monitor risk treatments to gauge extent and effectiveness of implementation.
- Evaluate treatments against the objectives of the security plan.
- Obtain feedback from stakeholders on the adequacy and need for current security measures affecting their work area.
- Identify and address weaknesses in the security plan.
- Review the plan on an ongoing basis, to detect exceptional incidents, breaches, and changes in circumstances.
- Update the plan to reflect current circumstances.