Security Quality Management services can be demanded by the constituency for review and improvement of the security posture of their organizations.
Services relevant to this category are:
- Risk Analysis
- BC & DR planning
- Security awareness
- Training
Usually the know-how gained from the previous two categories of services (proactive and reactive) can provide as an input for services within this category. The goals of these activities are long term in order to improving the overall security of an organization or CSIRT. Proper security policies, procedures and guidelines in place along with regular risk analysis can enhance the security of an organization.