How good is your IT Security Administration

So how good is your IT Security Administration? Below some of the list that is intended as a guide to the various areas that need to be reviewed to conduct a complete assessment of security administration.

• Organization and policies
• Procedures and post orders
• Personnel selection
• Staffing and background checks
• Education and awareness
• Contract management

Each aspect of this assessment is equally important to providing the client with a complete picture of the operation. You should understand that the assessment process is intended to document the current status of the security program for the client. [How to build IT Security Plan, Timothy Giles]

This means that you need to record the good and bad aspects of the existing conditions. Do not just focus on what is wrong. This will be important as you begin to define the Security Master Plan later in this process. It is also important to make sure your assessment is a collection of facts only, no opinions.