Judges will pick a winner in each of the four categories listed below. The awards emphasize excellence in various aspects of Information Security.
| • |
Best overall security strategy and implementation
This award is aimed at recognising institutions which have best overall strategy for implementation of a secure IT framework. The category will focus on three critical aspects of security framework i.e. people, processes and technology. The criteria for evaluation will include:
| • |
Design of security framework |
| • |
Security initiatives |
| • |
Approach to security |
| • |
Management commitment |
|
|
| • |
Best overall security strategy and implementation – with a Microsoft backbone
This award will focus on how Microsoft technologies have been leveraged to design a security framework. The evaluation criteria among others will assess on how Microsoft solutions have been used and deployed to enable business and at the same time ensure adequate security. |
| • |
Best setup integrating compliance and security
Every sector has regulatory norms and governing bodies. The purpose of this award is to recognise those institutions which have best managed to embed regulatory policies into their security/IT framework. This category will look at:
| • |
Integrated framework for security and compliance |
| • |
Continuous enhancement based on changing
regulatory needs |
| • |
Monitoring and compliance initiatives |
| • |
Management commitment |
|
|
 |
| • |
Best effectiveness in raising IT awareness among employees
Security awareness is much more than just mere knowledge. It embodies the very essence of company's culture and attitude towards their basic work ethics and core business conduct. This award aims to recognise those institutions which have devised innovative schemes and methods to keep their employees on their toes. It will look into:
| • |
Quality of security education being provided |
| • |
Nature of learning and assessment techniques being employed |
| • |
Incorporation of knowledge-imparted into actual everyday operational processes |
| • |
Overall effectiveness in getting the employees to view IT security positively, rather than as a burden |
|
|
