Professional Documents
Culture Documents
CS Day 3
CS Day 3
2
3
4
Information security is needed to reduce the risk of unauthorized access, use, disclosure,
disruption and modification of business information.
Information security reduces the risk to a level that is acceptable to the business
(management).
Information security improves the way an organization can do business.
5
Implementing information security has more to do with management than technology.
Managing information security has more to do with policy and its enforcement than with the
technology of its implementation.
6
Today’s organizations strive hard to acquire and operate integrated, efficient and
capable software applications like OS platforms, e-mail systems and Instant Messaging
applications that form an important part of an organization’s infrastructure.
They acquire such applications from an external service provider or build on their own.
7
Without data, an organization loses its record of transactions and/or its ability to deliver
valuable services to its customers.
8
9
10