Navigation Bar For Technology Leaders

The Planning Process

Security Planning Protocol Step 3: Risk Reduction

Detailed Explanation for Phase 3

3-A. Identify and Evaluate Options: Create or Update Overall Security Plan

Identify desired solutions

  • Nature of security gap
  • Relevant best practices
  • Local capacity and resources
  • Available budget

Prioritize Actions

  • Potential organizational impact
  • Immediacy of threat
  • Cost of prevention vs. repairing damage
  • Time to implement
  • Likelihood of success
See “Security Planning Grid”

3-B. Create and Implement Task-focused Action Lists

  • Assign responsibilities & Schedule actions
  • Reapply stress tests
  • Evaluate success
See “Security Task Worksheet”

3-C. Review & Revise Standard Operating Procedures & Policies

  • Analyze lessons learned
  • Discuss needs with decision-makers
  • Revise operating procedures

OUTCOME:
Implemented Security Plan
 Risk Analysis and Risk Reduction process must be regularly repeated to ensure effectiveness

 
Phase 2: Set Security Goals
Phase 4: Risk Reduction

 

  
A Leadership Initiative of CoSN
Home Project Overview About the Project Executive Summary Conference Handouts & Slides Press Releases For Superintendents & Policy Makers For Technology Leaders Share Your Story Free Newsletter Contact Us Join CoSN