Today,
most of the organizations are highly dependent on information systems to manage
business and deliver products or services. Businesses rely on information
technology services for development, production and delivery in various
internal applications. Those internal applications such as financial databases,
time-booking of employees, offering help-desk and customer care services, giving
remote access to customers and employees and remote access for client systems,
interactions through e-mail, internet,
mobile phones and other gadgets.
What’s Information Security Management?
The information security management (ISM) comprises
of set of policies and procedures for systematically managing an organization's
sensitive data. The aim of ISM is to minimize risk and ensure business
continuity by pro-actively limiting the impact of a security breach.
As
far as information security management
system is concerned, this is the part of overall management system, basing on
business risk approach to establish, operate, monitor, implement, review,
maintain and improve information security. The management system is a
combination of things like organizational structure, policies, planning
activities, responsibilities, practices, procedures, processes and resources.
Three Aspects of information Security
Confidentiality: Protection of information
from unauthorized disclosure to competitors or to press.
Integrity: Protection of information
from unauthorized modification, ensuring that information like price list, is
accurate and complete.
Availability: Making sure information
is available when you need it.
The
confidentiality, integrity and availability of information are important for
competitive edge, cash flow, profitability, and legal compliance and branding.
No comments:
Post a Comment