Building IT Policy Programs for Higher Education
/
Chapter 9: Designing Your Policy Architecture
Chapter 9: Designing Your Policy Architecture
https://leanpub.com/campusciso_it_policy
The Too-Many-Programs Trap
https://leanpub.com/campusciso_it_policy
Risk-Tiered Data Classification
https://leanpub.com/campusciso_it_policy
Four-tier Data Classification Model
https://leanpub.com/campusciso_it_policy
Distinction between Confidential and Regulated
https://leanpub.com/campusciso_it_policy
The high-water-mark principle
https://leanpub.com/campusciso_it_policy
Minimize the Scope of Your Most Restrictive Tier
https://leanpub.com/campusciso_it_policy
Mapping Regulations to the Framework
https://leanpub.com/campusciso_it_policy
Supporting New Compliance Requirements
https://leanpub.com/campusciso_it_policy
The Anti-Pattern: A New Policy for Every Requirement
https://leanpub.com/campusciso_it_policy
A Better Approach: Classify Data, Then Enhance
https://leanpub.com/campusciso_it_policy
What Makes the Layering Work
https://leanpub.com/campusciso_it_policy
From Structure to Execution
https://leanpub.com/campusciso_it_policy
Chapter 9 Key Takeaways
https://leanpub.com/campusciso_it_policy
Up next
Part IV: Building Your Program
In this chapter
Chapter 9: Designing Your Policy Architecture
The Too-Many-Programs Trap
Risk-Tiered Data Classification
Minimize the Scope of Your Most Restrictive Tier
Mapping Regulations to the Framework
Supporting New Compliance Requirements
What Makes the Layering Work
From Structure to Execution
Chapter 9 Key Takeaways