User:Shawndouglas/sandbox/sublevel3

After identifying the "who," it's time to address the "how." Internal leadership is going to most strongly affect the cybersecurity plan and the organization's cybersecurity goals, and as such, you can readily define their impact. Regulatory bodies also represent clear stakeholder involvement in how policy is shaped, e.g., U.S. businesses handling PHI will need to conform to HIPAA data privacy regulations. How other stakeholders influence the plan and goals may be more difficult due to actual role (the typical employee arguably has only so much control over security) or internal politics (how leadership views investors' role in shaping cybersecurity policy). It may help to organize all stakeholders by their relationship to the cybersecurity effort (primary, secondary, key, etc.) while considering how those stakeholders will inevitably shape policy. The University of Kansas' Community Tool Box Chapter 7, Section 8 may be helpful for better identifying stakeholders and their interests.^[1]

References

↑ Rabinowitz, P. (2019). "Chapter 7, Section 8. Identifying and Analyzing Stakeholders and Their Interests". Community Tool Box. University of Kansas. https://ctb.ku.edu/en/table-of-contents/participation/encouraging-involvement/identify-stakeholders/main. Retrieved 23 July 2020.

[RabinowitzIdent19-1] Rabinowitz, P. (2019). "Chapter 7, Section 8. Identifying and Analyzing Stakeholders and Their Interests". Community Tool Box. University of Kansas. https://ctb.ku.edu/en/table-of-contents/participation/encouraging-involvement/identify-stakeholders/main. Retrieved 23 July 2020.

[1]

User:Shawndouglas/sandbox/sublevel3

References

Navigation menu

Page actions

Page actions

Personal tools

Navigation

Search

Tools

Popular publications

Print/export