The Importance Of Information Security

The security controls, policies, procedures, and guidelines were tested using the security testing plan that was evaluated by a security team to correct and report flaws in the system design. The only major flaw doesn’t relate to the network or the physical system itself, but instead policies and procedures seem to be at the highest risk. Policies and procedures explain that the chain of custody during media transportation and disposal should be logged and tracked impeccably. I believe putting stronger controls in place for the transportation of media would lower the risk of exposed confidentiality tremendously. I believe each device used to transport should be trackable at any given time, rather than just by logs.

the

Information security considered as the procedure of protecting information against unauthorized access, disclosure, disruption, modification, use, or destroyed. In other word information security include defending information whatever the form this data may take. Although each organization employ information security to protect its secret data, but security breaches or identity theft may take place, security breach mean illegal access to defined categories of personal information. In other word it mean illegal access to personal information to use, destroy or amend it (Cate, 2008, p.4).

The

The

The

Having security basically means that the data is safe from unauthorised or unexpected access, modification or deletion of files. Due to the vast majority of files being stored on a form of electronic device in the modern world, it is the job of the company, in this case Tesda, to ensure that access is limited to certain individuals and that they pose no threat to the company. Although there are many ways of accessing this information illegally, Tesda should concentrate on protecting against the most common types like viruses and system failure etc. Ensuring that there is a backup server is essential as this information is what keeps the business running and losing it will have a massive impact on them. Within Tesda, it will be the role of the management to assess who should and shouldn’t be granted access to particular bits of information and whether or not they will have it as read only or being able to edit the document.

Many people in the company need access to data to help them do their job better. The main questions revolve around who needs what data, and who chooses what data gets to be shared. Looking at all the pieces, as well as the IT and information assets, the governance of the data belongs to a data owner (Khatri & Brown, 2010). The main questions to be answered must include who is the data owner? Who is responsible for data quality?

• Security that all transmissions are protected when being transmitted over the electronic communications

the

The

Worth noting is that, IT governance and its mechanisms such as; IT organizational structure, governance committees, approvals and budgeting processes (Weill, 2004) can be found in every enterprise but the only difference is that, enterprises with an effective proactive governance also have in place active IT governance mechanisms which enables their appropriate behavioural patterns to be fitted into the organization’s goals, strategy, values, norms, mission, and culture, to crown it all successful. Therefore from the above description of IT governance one can now easily pin-point the key issues related to an effective IT governance mechanisms, highlighted in Galliers & Leidner chapter 12, (2009, p. 303-4) by Weill, (2004) as explained below:

the

1-What is the difference between a threat agent and a threat? A threat is a constant danger to an asset, whereas a threat agent is what facilitates an attack. 2-What is the difference between vulnerability and exposure? Exposure is a condition of being exposed and it exists when a vulnerability is known to an attacker while Vulnerability is a weakness or fault in a system or protection mechanism that opens it to attack or damage.

1. Know your position and what responsibilities come with it. Know what is expected from you not only as a manager but as an employee as well. This will allow you to perform, behave and react in an appropriate manner. 2.