Download discuss 29398566 4-2-final-project-milestone

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

Document related concepts
no text concepts found
Transcript
1
Information Security Roles and Responsibilities
Student’s Name
University
Course
Professor
Date
2
Information Security Roles and Responsibilities
Who are the key leaders of the organization-specific to how their responsibilities are
connected to the security of the organization's information?
Information security managers are key to the safeguarding of organizational information
at a higher level than other staff. The responsibilities of the information security manager are
diverse as they have to provide information security awareness through training of staff while at
the same time creating and managing the strategies related to information security (Nieles et al.,
2017). The manager responsibilities are connected to the security of the organization's
information because they oversee the audits that are conducted to determine the level of safety
and the current security architecture's vulnerabilities and defects. The managers are needed to
implement technological upgrades and major changes to the current organizational environment
to prevent any forms of information loss.
You must also identify key ethical considerations.
Due to the ever-transforming technology, managers must understand the ethical codes
that are also changing. Ethical consideration is whether company information availability
justifies its use. The organization collects massive amounts of data mainly for commercial
reasons. Data is collected to increase business, enhance profitability, and control expense (Nieles
et al., 2017). However, technological growth and advancement have led to changes in the way
company hardware and software are used to understand what kind of data is amassed. Privacy is
an ethical consideration that managers must understand that expense and effort can be directed to
the right ways to collect, store, and access the data without creating privacy issues.
What are the ramifications of key leaders not properly accounting for ethical and
legal considerations?
3
Whenever key leaders are not accountable for the ethical and legal considerations of the
company the performance of the employees is affected. The employees could be too concerned
with making money that in the process forget to follow the set protocols and procedures (Cram et
al., 2017). The leaders that are not accountable act as bad examples to employees who become
careless, are susceptible to making errors and increase paper work. Employees who think that
acting ethically and legally will not get them ahead in their work and career are less motivated to
perform better in the process leading to a decrease in performance.
What are the key components of information assurance as they relate to individual
roles and responsibilities within the information assurance plan?
In an Information Assurance Plan there is always a need to implement all the key
components that relate to individual roles and responsibilities. Firstly, availability means that the
employees and employers can easily access all the information that is stored within the
organizational network. Without the availability of information, the employees are limited in
their ability. Integrity is an important component as it ensures that information is not
compromised and is safeguarded from threats. In the assurance plan, information technology
managers have a role in developing policies that ensure that company data is not mishandled.
Employees have a responsibility to play when they are needed to verify their identity when
accessing sensitive information (Cram et al., 2017). Authentication systems ensure that
information is safeguarded and cannot be compromised by phishers or hackers. While making
the Information Assurance Plan, confidentiality is an important factor. Confidentiality involves
the protection of information that is private from unauthorized users, entities, competitors, as
well as systems.
4
In conclusion, information security managers have a big role to play in safeguarding
company data. From setting policies to planning for training activities, the managers are in the
front line making a key decision and ensuring that ethical considerations are followed.
Employers and managers who are not accountable to the set rules, protocols, and procedures hurt
the entire organization and instill habits that make the information not safe. The key components
in the Information Assurance Plan help the organization by setting standards and policies that
promote safety and business continuity.
References
Nieles, M., Dempsey, K., & Pillitteri, V. Y. (2017). An introduction to information
security. NIST special publication, 800, 12.
Cram, W. A., Proudfoot, J. G., & D’arcy, J. (2017). Organizational information security
policies: a review and research framework. European Journal of Information Systems, 26(6),
605-641.
Related documents