Purpose:The purpose of an Information Technology Security Plan is to provide an overview of the security requirements of the system and describe the controls in place or planned for meeting those requirements.
This document provides an I.T. security strategy for providing information assurance. The Security Program is an ongoing venture that follows a cyclical process and the implementation phases represent a flow of activities that yield an ever maturing program. The implementation cycle involves establishing information security requirements, educating employees about their responsibilities, building governance structures (to ensure compliance), and reporting progress.
