Assess your risk
Your team is responsible for the assessment of all security risks to your capability or service.
Agree your security controls
- reflect your context
- consider all types of controls
- check your organisation's controls
Follow a framework
- choose a framework that fits best
- map controls against risks
- put your controls in place
Do regular assessments
- what you need to cover
- use the assurance tracker
- register your project