Security management

Security management is the identification of an organization's assets i.e. including people, buildings, machines, systems and information assets, followed by the development, documentation, and implementation of policies and procedures for protecting assets.

An organization uses such security management procedures for information classification, threat assessment, risk assessment, and risk analysis to identify threats, categorize assets, and rate system vulnerabilities.[1]

  1. ^ "Manage IT Security Risk with a Human Element". Dell.com. Retrieved 26 March 2012.