The specification of baseline security controls and operational policies to be deployed to the Enterprise In this process, the organization makes decisions (funding, staffing, R&D, testing, monitoring, etc. about what assets (tangible and intangible) to protect, using what particular means, and at what target assurance levels. These decisions must be informed not only be technical options, but also by perceived asset value and threat probability. These is typically done by conducting Vulnerability Management, Threat Assessment, and Risk Mitigation processes. Within the Prevention process the organization selects, designs and specifies a baseline set of security controls, including operational policies, to be applied to its managed resources and services to include Secure Configuration policies and procedures.
Description: the level of this object in the hierarchy (1-x integer)
isDeleted
False
Details:
Values: True,False
Issue
Application Framework 16.5 Modification Business Process Framework 12.0 Addition Business Process Framework 15.0 Modification Business Process Framework 15.5 Modification Business Process Framework 21.5 Modification
Details:
Maturity
4
Details:
Description: the maturity level of this element (1-x integer)
Original Process Identifier
1.3.2.2.8
Details:
Process Identifier
1.7.11.8
Details:
TMFStatus
Released
Details:
Values: Released,Preliminary,Draft,Not Fully Developed,likelyToChange,likelyToBeDeprecated Description: the TM Forum status
