Security Basics: Re: Re: Information Security in Mergers and Acquisition

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Security Basics mailing list archives

Re: Re: Information Security in Mergers and Acquisition

From: iganor () ipvsecurity com
Date: Mon, 21 Jul 2008 03:57:59 -0600

Alfred,

I would start with:
1) A gap analysis document between buyer's and acquirer's security policies.
2) For each of the organizations - a gap analysis between "actual" policies and procedures and the "written" security 
policies.
3) Based on the above documents (and management input) put a "new" security policy and get management sign-off.
4) Put a plan of what's required to be done for each "organization" to adopt the merged security policy.

Obviously it is easy said than done!

Ido

By Date By Thread

Current thread:

Re: Information Security in Mergers and Acquisition, (continued)
- Re: Information Security in Mergers and Acquisition Meenal Mukadam (Jul 18)
- RE: Information Security in Mergers and Acquisition Daniel I. Didier (Jul 18)
  - RE: Information Security in Mergers and Acquisition Ido Ganor (Jul 21)
    - Re: Information Security in Mergers and Acquisition Dan Anderson (Jul 22)
- Re: Information Security in Mergers and Acquisition ddidier (Jul 21)
- Re: Re: Information Security in Mergers and Acquisition iganor (Jul 21)