IT Governance, Risk, and Compliance

Jan 24 2013   1:54AM GMT

eBook excerpt: Assuring Information Security – Part XIII

Robert Davis Robert Davis Profile: Robert Davis

1.3 Entity Employees

“The first line of defense from insider threats is the employees themselves.” – Software Engineering Institute (SEI)

Stakeholders expect managerial personnel to run the entity in accordance with accepted business practices, while maintaining compliance with applicable laws and regulations.  An appropriate managerial tone should be established and communicated throughout the entity, including explicit moral guidance regarding expected behavior.  For IAP, the onus certainly resides with the entity to take adequate precautions when employing individuals and to ensure that, regardless of motive, individuals are reasonably prevented from abusing IT resources.

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: