Sign Up Now
Get instant access to over 1 million+ study documents
OR
Already registered? click here to login
By creating your account, you agree to our terms of service, privacy policy and student honor code.
¶ … eighty articles from seven top-tier IS Journals and found no comprehensive framework. (Cannoy, 2006). All the research that had been done was largely fragmented and focused on policy and infracture issues. There were few proposals of formal variables and/or hypothesis and the ones that were there were ill-defined and too narrow or broad in scope. Most of the organizations were reluctant to participate in the studies.
It is surprising that there has been little research done for IT issues, but the media has had a lot of issues where IT was concerned. Intentional attacks on IT systems are costing businesses and estimated $15 billion a year and rising. (Myler, 2006). New bills are pending in legislature, including S1408 Identity Theft Protection Act and H.R. 4127 The Data Accountability and Trust Act. There is a greater need to address IT from legal, operational, and compliance perspectives. The Federal Government is working for tighter IT control and accountability on organizations to protect sensitive data and hold them accountable.
ISO 17799 is a standard framework for IT security. It entails nine steps to build a framework, including risk assessment, security policy, asset inventory, accountability, physical security, operating procedure documentation, access controls, coordination of business continuity, and compliance. It also has clauses, such as Clause 10.9 that establishes e-commerce counter measures and Clause 13.1 providing methodology for reporting incidents. Is it not being enforced? Are companies feeling that information should have low security? Do they look at its importance...
There is a greater need for senior management to take a greater hold of monitoring and enforcing information security than ever before. Even though there has been little research to develop more effective frameworks and methods, information security systems need constant monitoring and evaluation for continual improvement and accountability. Implementing security policies and training employees alone does not cut it. Organizations cannot rely strictly on policies, training, and software to strongly secure an information system. There must be enforcement and continued monitoring for improvement and to spot incidences as they occur.
This course covered a lot of territory where the protection of information systems is concerned, but with little research being done, organizations reluctant to participate in studies where research can be done, and the media being filled with more and more information security issues, there is still more to learn about securing the networks of organizations. Organizations still need more guidance in improving the information systems on a case by case basis. Because businesses are unique in their own way, the…
Bibliography
Cannoy, S.P. (2006). A research framework for information systems security. Journal of Information Privacy & Security, 2(2), 3-29.
Myler, E. & . (2006). ISO 17799: Standard for Security. Information Management, 40(6), 43-52.
Siponen, M. (2006). Information Security Standards Focus on the Existence of Process, Not Its Content. Communications of the ACM, Vol 49, No. 8, 97-100.
The Security Framework for Information Technology. (n.d.). Retrieved from TNS: http://www.tns.com/it-security-framework_asp
Zongshen R+d Innovations in strategic planning Organizational analysis of Chinese industrial firm, Zhongqing Zongshen Automobile Industry Manufacturing Co., Ltd., offers much in terms of understanding the global powerhouse as an industrial economy of scale. If China's macro-economic position is one of increased export growth, then micro-analyses enable us to uncover the ingenuity and strategies behind the giant. Zongshen Motorcycle brand is one of the core subsidiaries of Zongshen Industrial Group, with consumer
Quality Improvement Program Needs Assessment and Quality Improvement Plan Paula Stechschulte, PhD, RN Quarter This paper discusses the process of drafting a quality improvement plan at a community level medical facility, a plan that is aimed at reducing days under urinary catheter and also reducing the rates of infections associated with the said catheters. As a high rate of incidence of infection related to catheter usage is costly for the hospital, this implementation