Security Risk Management SRM and Auditing Essay - 1033 Words

Abstract The term â€Å"be prepared† applies especially well to today’s business environment, where enterprises across all industries and locations are challenged by a volatile, increasingly unpredictable world. In addition to protecting their internal resources, organizations must consider the security and well-being of their employees, partners, suppliers and customers, as well as the reliability of the web of networks and systems on which most now depend. Stop Managing Security. Start Managing Risk. The way forward lays in a security risk management (SRM) approach that protects your company from the most severe threats to critical IT systems and operational processes. SRM helps your organization understand its assets and analyze†¦show more content†¦The lack of management support is one of the key failures for IT project implementations (Johnson 1995). Similarly, without adequate management support, IT security audit would not accomplish much. Part of a balanced SRM is a proper risk evaluation or an audit. An IT security audit should be integrated into the corporate management function as an important priority. There are two types of management approach to the IT security function in the organization. The first is the bottom-up approach. The implementation of the IT security audit is from the grass-root level, whereby, the systems administrator and technical officers are the one making the decision on how to improve the security systems. This is advantageous because t hey possess technical expertise to enable them to execute these IT security functions. However, even with the best technical expertise, IT security within an organization would still be vulnerable due to lack of participation support from top management and the users of these IT systems. Another management approach is the top-down approach. The IT security audit is initiated by the top management. Top management is responsible for setting the organizations goals and making sure that the IT security function is aligned with these goals. This includes creating a corporate culture which appreciates the importance of IT security. The support for IT security auditing in the organization is shownShow MoreRelatedThe Evaluation of the Accounts Payable Process in Cebu Shared Service Center6372 Words   |  26 Pagesthe Study The current economic crisis highlights the disastrous results when risks associated with strategies are ignored or ineffectively mismanaged. Most companies failed because of the absence or lack of proper risk management. Risk management is â€Å"a process of understanding and managing the risks that the entity inevitably subject to in attempting to achieve its corporate objectives. For management purposes, risks are usually divided into categories such as operational, financial, legal, complianceRead MoreProject Managment Case Studies214937 Words   |  860 PagesPROJECT MANAGEMENT CASE STUDIES, SECOND EDITION - PROJECT MANAGEMENT CASE STUDIES, SECOND EDITION HAROLD KERZNER, Ph.D. Division of Business Administration Baldwin-Wallace College Berea, Ohio John Wiley Sons, Inc. This book is printed on acid-free paper. @ Copyright O 2006 by John Wiley Sons, Inc. All rights reserved. Published by John Wiley Sons, Inc., Hoboken, New Jersey Published simultaneously in Canada No part of this publication may be reproduced, stored inRead MoreIntroduction to Large Scale Organizations18988 Words   |  76 PagesUNITS 3 AND 4 BUSINESS MANAGEMENT SUMMARY UNIT 3 AOS1 – LARGE SCALE ORGANISATIONS IN CONTEXT LARGE SCALE ORANGISATIONS -An organisation is an entity enabling groups of people to work in a planned and coordinate way to achieve a common goal or objective Classifying LSO s *Number of employee s exceeds 200 (according to the ABS) *Revenue (gross income) is in the millions of dollars *Total assets or market capitalisation (no. of shares x share value) is over $200 million *Profit after tax isRead MoreManaging Information Technology (7th Edition)239873 Words   |  960 PagesNIBCO’s â€Å"Big Bang†: An SAP Implementation CASE STUDY III-6 BAT Taiwan: Implementing SAP for a Strategic Transition CASE STUDY III-7 A Troubled Project at Modern Materials, Inc. CASE STUDY III-8 Purchasing and Implementing a Student Management System at Jefferson County School System CASE STUDY IV-1 The Clarion School for Boys, Inc.– Milwaukee Division: Making Information Systems Investments CASE STUDY IV-2 FastTrack IT Integration for the Sallie Mae Merger CASE STUDYRead MoreIntroduction to Materials Management169665 Words   |  679 PagesFrom the Library of Girro From the Library of Girro@qq.com Introduction to Materials Management SIXTH EDITION From the Library of Girro J. R. Tony Arnold, P.E., CFPIM, CIRM Fleming College, Emeritus Stephen N. Chapman, Ph.D., CFPIM North Carolina State University Lloyd M. Clive, P.E., CFPIM Fleming College Upper Saddle River, New Jersey Columbus, Ohio From the Library of Girro@qq.com From the Library of Girro Editor in Chief: Vernon R. Anthony Acquisitions Editor: