Assess your risk

Your team is responsible for the assessment of all security risks to your capability or service.

Agree your security controls

  • reflect your context
  • consider all types of controls
  • check your organisation's controls

Follow a framework

  • choose a framework that fits best
  • map controls against risks
  • put your controls in place

Do regular assessments

  • what you need to cover
  • use the assurance tracker
  • register your project