Home > Essay Examples > Business > Management >

Information Security Management Expository Essay

Exclusively available on Available only on IvyPanda® Made by Human No AI
  1. Introduction
  2. Conclusion
  3. References

Introduction

Information is critical to the functioning of every organization. It defines its operations and activities. The concept of security management is thus elusive and focuses on organizational security. Organizations have remained active in terms of acquisition of information management systems.

These systems are meant to aid organizations in securing their information. This paper discusses the concept of information security basing on the case.

The paper looks into the practice of information management and security taking into account the ethical and legal matters which surround information security and management.

At the initial stages of operation, most information is saved within an organization. This is backed by the argument that there are fewer transactions at this period. As firms expand their operations to include many external players, the concept of preserving and securing information becomes elusive.

The issue of information security management in Stratified Custom Manufacturing began to be addressed when the company entered and successfully implemented an initial public offer. This denoted that the firm was officially entering the public trading environment, hence exposing itself to competitors.

Most current organizations have information management departments which help in preserving and controlling the flow of information within and without the organization.

Companies embracing the use of information and communication technology in discharging organizational functions are often prone to security risks. Information security is thus a great concern for these companies.

Information security is critical in safeguarding company data. Information security entails the safeguarding of company information from the external environment as well as technological faults or threats.

A substantial number of legal and ethical issues touch the implementation of information security by companies (Whitman &Mattord, 2011).

According to Information Systems Audit and Control Association (2010), information security is a detailed management issue that calls for managerial attention. Stratified Custom Manufacturing established a broader information management security department.

The security team of the company is focused on several aspects of information security. This is reflected in the top security management team positions. The company has other security managers under control of the senior.

There are a manager in charge of administrative security, a technical security manager and a security and compliance manager, among the others.

In addition to this, the company has a broad policy framework for information management. This forms the ground on which department draws the guidance on information security management.

Policies in security management in organizations seek to guide and set limitation to the level of information sharing in an organization. Information belonging to organizations is secured and limited to viewing only by accredited entities.

Policies on information security stipulate on the way information is shared within and without the organization.

A violation regarding the access and the use of company information is easily identified, so the necessary steps will be taken to deal with it. Those identified breachings of the information security rules are punished in different ways.

One of the means used to punish information security offenders is by denying them privileges to access and use the information belonging to the organization. This takes place in different ways, for example, by barring such people from accessing information devices.

The other way of punishment is deactivation of access details of the individual to retrieve or view the company information.

In some cases, information security offenders are prosecuted and forced to pay fines or compensation for the damage caused to the company (Whitman & Mattord, 2011). In most cases, assessment of the risk caused is done before the users are punished.

Information security management is complicated by the growing patterns and trends of management that encourage the sharing of information between different organizations.

With the prevailing trends and use of information technology, it is difficult to secure organizational information. Piece of legislation on information security management also varies making it difficult for organizations to formulate policies on information security (Straub, 2008).

Ethical issues also touch the managerial practice of security management. The main issue in information security management is the level to which organizations conceal their information. Companies are encouraged to share information and access more external sources (Whitman &Mattord, 2011).

The information helps organizations in improving strategic management practices. They get to know the tactics of management that are used by other organizations performing well in the market. Competition between organizations is open.

They are encouraged to practice positive competition as they work on improving the service delivery to their customers. Therefore, the open release and sharing of information is one of the methods of open competition.

The other point on ethics and information security is that firms are required to improve their relations with employees. Building healthy relationships and motivating work environment enhance information security in organizations. This step has proved to be more effective than other methods (Whitman &Mattord, 2012).

Conclusion

The responsibility for information security has become an organizational matter more than a concern of legislative bodies. Organizations need to actively participate in and work on improving their systems by making them less prone to information leakage.

The model of information security management taken by Stratified Custom Manufacturing is a desired step in ensuring that the company information is secure.

References

Information Systems Audit and Control Association.(2010). Certified Information Security Manager review manual 2011. Rolling Meadows, IL: ISACA.

Straub, D. W. (2008). Information security: Policy, processes and practices. Armonk, NY [u.a.: Sharpe.

Whitman, M. E., & Mattord, H. J. (2011). Readings and cases in information security: Law and ethics. Boston, MA: Course Technology, Cengage Learning.

Whitman, M. E., & Mattord, H. J. (2012). Principles of information security. Boston, MA: Course Technology.

Rate
More related papers Related Essay Examples
Cite This paper
You're welcome to use this sample in your assignment. Be sure to cite it correctly

Reference

IvyPanda. (2019, June 27). Information Security Management. https://ivypanda.com/essays/information-security-management/

Work Cited

"Information Security Management." IvyPanda, 27 June 2019, ivypanda.com/essays/information-security-management/.

References

IvyPanda. (2019) 'Information Security Management'. 27 June.

References

IvyPanda. 2019. "Information Security Management." June 27, 2019. https://ivypanda.com/essays/information-security-management/.

1. IvyPanda. "Information Security Management." June 27, 2019. https://ivypanda.com/essays/information-security-management/.


Bibliography


IvyPanda. "Information Security Management." June 27, 2019. https://ivypanda.com/essays/information-security-management/.

If, for any reason, you believe that this content should not be published on our website, please request its removal.
Updated:
This academic paper example has been carefully picked, checked and refined by our editorial team.
No AI was involved: only quilified experts contributed.
You are free to use it for the following purposes:
  • To find inspiration for your paper and overcome writer’s block
  • As a source of information (ensure proper referencing)
  • As a template for you assignment
Privacy Settings

IvyPanda uses cookies and similar technologies to enhance your experience, enabling functionalities such as:

  • Basic site functions
  • Ensuring secure, safe transactions
  • Secure account login
  • Remembering account, browser, and regional preferences
  • Remembering privacy and security settings
  • Analyzing site traffic and usage
  • Personalized search, content, and recommendations
  • Displaying relevant, targeted ads on and off IvyPanda

Please refer to IvyPanda's Cookies Policy and Privacy Policy for detailed information.

Required Cookies & Technologies
Always active

Certain technologies we use are essential for critical functions such as security and site integrity, account authentication, security and privacy preferences, internal site usage and maintenance data, and ensuring the site operates correctly for browsing and transactions.

Site Customization

Cookies and similar technologies are used to enhance your experience by:

  • Remembering general and regional preferences
  • Personalizing content, search, recommendations, and offers

Some functions, such as personalized recommendations, account preferences, or localization, may not work correctly without these technologies. For more details, please refer to IvyPanda's Cookies Policy.

Personalized Advertising

To enable personalized advertising (such as interest-based ads), we may share your data with our marketing and advertising partners using cookies and other technologies. These partners may have their own information collected about you. Turning off the personalized advertising setting won't stop you from seeing IvyPanda ads, but it may make the ads you see less relevant or more repetitive.

Personalized advertising may be considered a "sale" or "sharing" of the information under California and other state privacy laws, and you may have the right to opt out. Turning off personalized advertising allows you to exercise your right to opt out. Learn more in IvyPanda's Cookies Policy and Privacy Policy.

1 / 1