5.8 Information security in project management

Integrate information security into project management so that the organization can better address risks. Assess and treat InfoSec risks, address requirements, and consider communication security. Review progress and allocate responsibilities. Determine security requirements for all projects and consider information classification, protection, authentication, access, user responsibilities, compliance, and third-party assurance.