Information Technology for Managers

Student’s Name
Institutional Affiliation
Professor’s Name
Course Name
Date
 Information Technology for Managers
Question One

In the world of information security, CIA acts as an abbreviation for Confidentiality,

Integrity, and Availability. These three principles are the basis of information security standards.

Confidentiality means that information is available only to those who are entitled to it

(Schwalbe, 2019). Integrity means that information is true and untainted by non-authorized

meddling. Accessibility means that the information is readily available to authorized users any

time when requested.

Under the organizational level, in a multi-layer security solution, there are many security

levels. One such level is the network level where the security measures which comprise

firewalls, intrusion detection systems (IDS), and virtual private networks (VPNs) are

implemented to prevent authorized access and malicious attacks on the organization's network

(Stair, R., & Reynolds, 2021). The next security level is endpoint level, at which viruses,

endpoint detection and response (EDR) and data loss prevention (DLP) solutions are used to

protect individual devices from malware, data breach, and other security risks.

Question Two

At the organizational level, the security strategy in the CIA triad emphasizes the

implementation of policies, procedures, and technologies to guarantee the confidentiality,

integrity, and availability of information (Schwalbe, 2019). This access control system limits

access to confidential data through encryption and implementation of backup and recovery

solutions to prevent data loss in case of a disaster (Stair, R., & Reynolds, 2021). Organizations

also run regular security audits and risk assessments aimed at locating and taking care of security

risks. They can also introduce security awareness training programs to the employees to help
them learn about security best practices and the importance of protecting the sensitive

information.

Question Three

Privacy is valuable because it safeguards personal details against unwanted access that

might cause identity theft, financial loss and other kinds of harm. Governments put in place

measures that are specifically for protecting privacy to solve this problem. A considerable

example of the regulation is the General Data Protection Regulation (Stair, R., & Reynolds,

2021). The GDPR is a very strict regulation in terms of the way organizations deal with personal

data, giving individuals more power over their information. Furthermore, in the US, there is the

Health Insurance Portability and Accountability Act which establishes norms for the protection

of health information. The HIPAA laws govern healthcare providers and organizations to enact a

strong security framework to protect the privacy of patients in healthcare sector. These

regulatory frameworks are the key to safeguarding the privacy of individuals and the promotion

of responsible data handling by the organizations.

 References
Stair, R., & Reynolds, G. (2021). Principles of Information Systems | 14th Edition. Cengage

Learning.

Schwalbe, K. (2019). Information Technology Project Management 9th Edition. Cengage

Learning.