Question

How can stakeholders and departments be involved during the cybersecurity policy life cycle?

Answer 1

Stakeholders of various departments can conduct meeting with administration of department on a frequent basis to learn about significant issues that affect their work is a big step toward ensuring that steps are taken in right direction with respect to security.Getting an idea about their work structure is also essential.Here risks can be identified also assets which needs to protected could be identified.

Stakeholders of various departments like Human resources,Public relation,Legal,Management can be involved during cybersecurity policy life cycle by attending each security policy planning session.Such sessions are information gathering sessions where each stakeholder from various departments can put forward the information gathered with respect to current working security situation of an organisation.And this would lead to getting solid and conclusive steps which can be implemented for developing security of that organisation.As per the draft ,final implementation plan will be developed involving top decision makers of company/top administration.

Once the implementation plan is in place department heads must arrange to provide user training if required to ensure all steps are implemented and staff comply to policy.Management could monitor daily activity of staff and see whether it is been followed throughout.Also reviews would be gathered.