This article addresses the role information security plays in an organization. Historically, organizations have deemed information security to be an information technology issue, one that the business as a whole did not need to address. Organizations have also treated information security as an add-on feature, almost an afterthought. Information security must become ingrained into the culture of the organization to ensure security compliance in all facets of the company. Organizations that are beginning to mature with information security may choose to investigate and implement established systems that support information systems.
Systems such as ITIL and ISO/IEC 17799 can be used as a foundation for the development of a sound information security process. Regardless of how organizations approach information security, they must begin to envision information security as an overall business problem. If organizations can embrace the cultural change and embrace information security in all aspects of a business, information security will become a well established practice that is followed by all.
Read this full article at Info Sec Writers
|
|
Only registered users can write comments.
Please login or register.
Powered by AkoComment!