Recommendation to Mitigate the Lac of InfoSec Policy

Recommendation to Mitigate the lack of InfoSec Policy Firstly, we identified that medium-sized company may suffer the problems as follows. The medium-sized companies usually have the same staff resources as the small organization, but they have a much larger personnel demand. The medium-sized companies have the worst ability to set policy, handle incidents, and effectively allocate resources. Based on the companys size, and the management structure we discussed above, we suggest that we use the Gartner Information Security Governance Model to assess the security problem of Inventure Foods, Inc. The Gartner Information Security Governance Model is most suitable for Inventure Foods type of business. It protects the information resources appropriately and efficiently given the company’s limited resources and overstretched personnel. The most important reason why we choose the Gartner Model is that it provides the blueprint for a complete security program and tells management the order about how to implement these security segments. Another reason is that the Gartner Information Security Governance Model is designed for companies that do not require high levels of security such as Inventure Foods. Additionally, Gartner Information Security Governance Model can be integrated as part of Inventure Food’s overall policy. Furthermore, the Gartner Information Security Governance Model is more about protecting the information resources efficiently and effectively beyond just the IT