Information Security Management In Context Of Globalization
The security of information should be understood as the provision of confidentiality, accessibility, integrity, authenticity, and accountability of information. Confidentiality is defined by ISO 27001:2005 as “the property that information is not made available or dis-closed to unauthorized individuals, entities, or processes”. Issues about information availability, understood as “being accessible and usable upon demand by an authorized entity” , are not usually seen as a problem of the whole company. Lack of access to data is easily explained away by leave, the lack of electricity, a virus, or missed key. The third main property of information system security is integrity, that is to say, “safeguarding the accuracy and completeness of assets”. It may be considered at a technical level. Then it concerns the structure and configuration of network devices and applications. However, problems of integrity are mainly related to the activities of workers collecting and processing data. Failure to comply with integrity may cause delays in decision-making by management or a lack of actions to minimize the effect of existing threats.
- There are currently no refbacks.
This work is licensed under a Creative Commons Attribution 3.0 License.
(c) Washington Institute of China Studies
We encourage you to visit CEOpedia - The Management Online