« A Holistic Information Protection Program | Main | Making the Necessary Risk Mitigation Strategy Adjustments in Your New Job »

October 30, 2014


Todd A Osborn

Thanks for sharing. I have used the NFPA 1600 to establish numerous EM programs. I have found that it is a good starting point to then merge the more specific components from IS22301 or other standards.

If the organization has a mature or established program, a gap analysis will identify specific areas of improvement. Once these areas have been assessed, elements from multiple standards are quite useful in addressing the gaps.

One approach of many.

Verify your Comment

Previewing your Comment

This is only a preview. Your comment has not yet been posted.

Your comment could not be posted. Error type:
Your comment has been saved. Comments are moderated and will not appear until approved by the author. Post another comment

The letters and numbers you entered did not match the image. Please try again.

As a final step before posting your comment, enter the letters and numbers you see in the image below. This prevents automated programs from posting comments.

Having trouble reading this image? View an alternate.


Post a comment

Comments are moderated, and will not appear until the author has approved them.

Your Information

(Name and email address are required. Email address will not be displayed with the comment.)