|Planning and Organization:||Acquisition & Implementation:||Delivery and Support:|
|Determine information architecture||Acquire, maintain application software||Ensure systems security|
|Define IT organization, relationships||Acquire, maintain technology infrastructure||Educate, train users|
|Ensure compliance with external requirements||Develop, maintain procedures||Manage problems, incidents|
|Assess risks||Manage changes||Manage data, facilities, operation|
In addition, follow all aspects of monitoring, updating, patching, logging, two-factor authentication, anti-virus, anti-malware, wireless intrusion detection and prevention.
Have a dedicated IT staff to do the above. If you do not have the staff, talk to a trusted managed security service provider like Omega ATC. Omega ATC is a certified Level 1 service provider and has all the credentials to keep you compliant. Phone 636-557-7777.