1. Take an inventory of your physical and information assets (what are you protecting?).
2. Perform a risk assessment to determine what level of security is needed to protect your information assets.
3. Complete the checklist to make you aware of your security strengths and weaknesses
4. Complete an evaluation. Evaluate your findings and discuss recommendations to correct deficiencies and/or improve security with departmental administration and IT staff.
5. Develop a security plan. Create a Security Plan with target dates for implementation.

Assign responsibilities and target dates for the plan. Then monitor progress with reports on improvements and security initiatives.

Listed below are suggested personnel to carry forward and implement a security plan. Please feel free to look the Steps over prior to starting as well as the graph documenting the organization of the plan. The goal of the plan is to help you determine an appropriate level of security and plan to arrange suitable security for your departmental IT assets.

Responsibilities for a Departmental Security Plan