The Information Technology Security Manager should conduct a security assessment of the company’s Information Technology network, using the IT Security Assessment Checklist Template as a guide. ITSD102-1 IT SECURITY ASSESSMENT CHECKLIST covers hardware risk, software risk, environmental risk, network failure, and more.
A Security Review Committee, consisting of Information Technology Managers, the Information Technology Security Manager, and management from the various company departments (Human Resources, Accounting, Production, Sales, etc.), should be established. The Information Technology Security Manager should evaluate findings and discuss recommendations to correct deficiencies and/or improve security with the Security Review Committee.