Build security criteria into the design of IT solutions and services — for example, by defining coding protocols, depth of defence, and configuration of security features.
Define, implement, and monitor measures to protect all IT devices such as networks, servers, client computing devices, storage devices, printers, and smart phones.
Implement, monitor, and maintain measures to safeguard the IT physical infrastructure from threats including extremes of temperature, fire, flooding, malicious intent, and utility supply disruptions.