Security Management: Compliance vs. Continuous Improvement

Printer-friendly version
Sub Heading: 
Vicente Aceituno, Zenobia Consulting, Spain

For the last twenty years, information security management has leveraged compliance in order to get budgets and steer decisions. Complex as it is, it is now the time to align our management techniques with the rest of the business and embrace continuous improvement as our new paradigm.

Those attending this session will learn that:

  • Compliance is a strong driver, but limits the contributions that information security can bring to a business.
  • Continuous improvement enables resources saving that are extremly important under the current economic circumstances
  • Some well known and stablished concepts were useful in their time, but need to be dropped in order to achieve higher information security management performance.

Vicente Aceituno, CISA has 15 years experience in the field of IT and Information Security. Vicente started his career in the field of network and systems administration and moved into project management and security management. During his career in Spain and UK, he has worked for companies like Coopers & Lybrand, BBC News and DMR Consulting. He is the main Author of the Information Security Management Method ISM3 (Information Security Management Maturity Model)

 

 

Home | Sitemap | Privacy | Legal