It is the identification of an organization's assets, followed by the development, documentation, and implementation of policies and procedures for protecting assets.

It is an important administrative security control designed to avoid, counteract or minimize IT security risks.

What influenced the asset to put it at risk?

It addresses detected threats, correcting or reducing the impact of the threat and removing it from the system.

These strategies aim to reduce the likelihood of a successful cyber attack by identifying and eliminating security weaknesses within the system, it focuses on blocking threats before they can execute, rather than responding to incidents after they have already occurred.

It is the practice of monitoring an organization's security ecosystem to quickly identify any malicious activity within the networks.

It is a comprehensive statement made by the company’s senior management, indicating the role of security in the organization, and it must be independent in terms of technology and solutions.