An Objective Of Information Security - 1620 Words

The main objective of information security is to safeguard the integrity, confidentiality and availability aspects of information systems and data. from any threats and vulnerabilities, especially when such threats and vulnerabilities are on the rise. The 2015 annual Global State of Information Security Survey conducted by the Internet Development Group (IDG) subsidiaries CIO and CSO in conjunction with PricewaterhouseCoopers (PwC), shows information security incident increase of 48% from 2013-14, and a 66% compound annual growth rate since 2009; Furthermore, the same study found that employees were the most-cited culprits of security incidents (Global State Information Security, n.d.). The implication is that organizations need to look†¦show more content†¦Bulgurcu et al. (2010) referred to this theory as the basis of their investigation of the rationality based factors of benefit of compliance, cost of compliance, and cost of noncompliance, that influence employee attitude s on compliance to requirements of the information security policies. Bulgurcu et al. (2010) further postulated the following based on employee’s beliefs about the outcomes of compliance and noncompliance; that intrinsic benefit, safety of resources, and rewards shaped benefit of compliance, work impediment shaped cost of compliance, and intrinsic cost, vulnerability of resources, and sanctions shaped cost of noncompliance . The findings of their research were that benefit of compliance and cost of noncompliance positively impacted employees’ attitudes to compliance, whereas cost of compliance negatively impacted employees’ attitudes to compliance. Other similar research that has been done has also yielded similar results. Research by Sang et al. (2014) examined the study done by Bulgurcu et al. (2010), and verified their findings. Siponen et al. (2009) found that perceived vulnerability (employees assessment of organizations’ vulnerability to information security threats) and perceived severity (the degree of potential physical and psychological harm arising from information security threats) directly affect employees intention to comply with information securityShow MoreRelatedA Brief Note On The Internal Revenue Service1153 Words   |  5 Pagesprotect the availability, confidentiality, integrity, authentication, authorization and security controls of all employees and also the taxpayers. In the context of IRS information security, availability is generally expressed as the amount of time users can use a system, application and data, where user refers employees and taxpayers. Integrity refers the validity and accur acy of data. For IRS, data and information are intellectual property assets. Unauthorized changes can undermine the data’s valuesRead MoreThe ISO 17799 Framework621 Words   |  3 PagesISO 17799 is a detailed security standard organized into major areas of business continuity planning, system access control, system development and maintenance, physical and environmental security, compliance, personnel security, security organization, computer and operations management, asset classification, and control and security policy (Violino, 2005). This framework provides a high level of assurance in various areas of business. It is the most obvious for security and covers each topic atRead MoreThe Plan And Budget After The Homeland Security792 Words   |  4 Pagesinvolved in developing a Homeland Security Plan and Budget after the Homeland Security Assessment of the organization has been completed is to first develop the Vision statement The Vision statement is XYZ organization will be the industry leader in providing â€Å"Best Practices† that support homeland security among employees, suppliers, partners, and customers. The second step is to develop the Mission statement, and Mission statement creates ownership of homeland security initiatives among all levels ofRead MoreThe History Of Uk Cyber Strategy1230 Words   |  5 Pagesstrategy is the government’s strategy. It sets out the government’s policy on war and peace at a national level. Basil Liddell wrote that grand strategy coordinates and directs all the resources of the nation(s) to the attainment of the political objective of war. The British defence doctrine of 2008 published the hierarchy of command establishing four levels of strategy namely; Grand Strategic – Is the National political aim in peace and war for Her Majesty’s government. The Military Strategy – TheRead MoreEvaluation of the Effectiveness of Control Systems in Computerized Accounting Information Systems1625 Words   |  7 PagesAccounting – Business Management 13 (2006) 39-68 Evaluation of The Effectiveness of Control Systems in Computerized Accounting Information Systems: An Empirical Research Applied on Jordanian Banking Sector Talal H. Hayale* Husam A. Abu Khadra†  Abstract The objective of this study is to evaluate the level of Control Systems effectiveness in Computerized Accounting Information Systems (CAIS) that is implemented in the Jordanian banking sector to preserve confidentiality, integrity and availabilityRead MoreEssay Security Issues and Precautions in Church Environments1353 Words   |  6 Pagesseems to be changing, security components of physical, personnel, information and interdepartmental dependency for a mall may not correspond completely within a church environment. Church Security Objectives with the Most and Least Value I think the security objective that deserves the most attention within a church environment is the physical security component. However, I do think the interdependency component could work well in connection with the physical security aspect, if we look at inRead MoreThe Service Of Service Design1067 Words   |  5 PagesService Design comes after the service strategy (Annexure A). The service design is not limited to new services, but also to old services which are need to improve the service design which are necessary to maintain the value to customers. The main objective of service design is designing an innovative idea or to change an existing design into a live environment. To change a design or to implement there are several requirements. These requirements are taken from the service portfolios and they are analyzedRead MoreThe System Development Life Cycle1357 Words   |  6 Pageswith respect to the IIS and its data. In addition, the security policy should include appropri ate procedures to ensure local site data and software are properly managed. The IIS applications such as general reader, general user, and site manager need to be created to support the objectives of the policies (Arzt, 2007). In addition, this proposal will apply the System development Life Cycle (SDLC) in developing information security policy. A. Process: This project will attempt to address privacyRead MoreApproaches to Risk Analysis Essay912 Words   |  4 PagesWhen planning any kind of project, especially an information security project, risk analysis is very important. Risk analysis, in the context of information security, is the process of assessing potential threats to an organization and the overall risk they pose to the continued operation of the organization. There are multiple approaches to risk analysis, and multitudes of literature have been published on the subject. In their paper published in 2012, Bhattacharjee and associates introduced twoRead MoreControls for Information Technology, Reporting and Evaluation718 Words   |  3 PagesControls for Information Technology, Reporting and Evaluation Controls for Information Technology, Reporting and Evaluation Information technology (IT) controls are particular functions performed by employees and operating systems specifically designed to ensure business objectives and goals are met. Although IT controls are different than internal controls both are vital functions of an organization that are both reported and evaluated on a regular basis. IT control objectives are based on