Daniel:
We won the Cogwells Award this year -- a great honor!! The following would be my suggestions for your blog:
Develop a good working relationship with your IS rep so that you're comfortable asking for advice.
I know it's not always easy to do but convince your management of how important your security program is.
When in doubt, report it (at least to your IS rep and then he/she can advise you on where else you should go with it). Research it first in the NISP but if you're not sure if it's reportable, talk with your IS rep.
Remind your cleared people of their reporting responsibilities by providing security educational materials quarterly, rather than just the required annual. Also provide information to your uncleared employees and keep a list of your education program.
Your blog is a great idea -- good luck!
Judy Santo, FSO, Oxford Global Resources
No comments:
Post a Comment