A. Before you can implement a successful security program, you must find out what you are trying to protect? From whom it must be protected? and what it is worth to the company?. Explain the previous statement in more details.
B. To handle an incident well. One should not be forming the team during a crisis. Ironically, the best time to form the team and the Processes is when you feel you do not need them. Explain the procedure for setting up an incident-response team
A. Describe a sample security program at a small company, and large company.
B. Discusses the role of A risk manager in a security team