|
| |
simplicable technology guide
»
security
»
security management overview
Information Security Management in 90 Seconds
posted by John Spacey, February 13, 2011
Information Security Management (ISM) is an increasingly important part of corporate governance. In fact, most large companies are now legally required to report their information security status to shareholders (ie. Sarbanes-Oxley Act of 2002 etc..).
What is Information Security?Information Security ensures data confidentiality, control, integrity, authenticity, availability and utility.
Confidentiality Restricting access to data. Example: new product designs should be hidden from competitors.
ControlPossession of data. Example: loss of a corporate laptop — if the hard drive is encrypted confidentiality has been maintained but control has been lost.
Integrity Data correctness. Example: banks must calculate and store account balances correctly.
Authenticity Confirming the source of data. Example: is an email really from the company CEO?
Availability Timely access to data. Example: necessary information must be available to staff to do their jobs (denial of service attacks seek to disrupt data availability).
Utility Data must be in a useful format. Example: encrypted data is secure but not usable.
|
IT career management
|
|
Yes and no. There's no ITIL certification process offered by ITIL itself. However, an organization that's reached ITIL maturity can generally be ISO 20000 certified.
|
|
Enterprise Software
|
|
What is security trying to achieve?
|
Recently on Simplicable
| |
posted by Anna Mar
A list of information security strategies and techniques.
|
| |
posted by Anna Mar
Popular ideas such as cloud computing get twisted, turned and flipped upside down before anyone can agree on common definitions.
|
| |
posted by Anna Mar
Modern technology customers and industry insiders are faced with a constant stream of change. Human ability to adapt to this pace of change is remarkable.
|
| |
posted by Anna Mar
Enterprise architects are leaders. They're near the top of the technical food chain in any organization. As leaders, there are a lot of people in the organization EAs can help.
|
|
