IT Governance, Risk, and Compliance

May 31 2011   8:17PM GMT

Effective Employment Practices for Protecting IT – Part VIII

Robert Davis Robert Davis Profile: Robert Davis

Technology is an enabler, not a solution, for deploying and executing a sound information assets protection (IAP) strategy. Responsibility for executing IAP should be shared across the entity, making all employees accountable as part of a well defined and articulated information security risk management program. Derivatively, the IAP risk assessment objective is to enable recommendations maximizing confidentiality, integrity, and availability protection; while maintaining information functionality and usability. This objective addresses major risk management elements; therefore, key objective conveyance to and acceptance by an entity’s employees can increase the probability for an adequate IAP risk management program.

View Part I of the Effective Employment Practices for Protecting IT series here

 Comment on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: