IT Security: The Need for Effective Controls, Implementation, and Management

991 Words4 Pages
IT security: The need for effective controls, implementation, and management In the modern business world, effective use of information systems is vital for businesses to stay afloat. But it is just as important that those systems remain secure. Information Systems Security means "incorporating system analysis and design method, manual information systems, managerial issues" and also assessing "both societal and ethical problems" that could affect employee behaviors regarding security (Norman & Yasin 2010: 231). Impingements upon the security of information systems can impact employees, company operations, and customers (which can have a negative effect upon the company's reputation and future profits). Yet despite the overwhelming evidence of the need for IS security, a 2009 survey of organizations by the consulting firm Deloitte found that 32 per cent of respondents reduced rather than increased their information security budgets over the past year, despite evidence that security breaches are on the rise. "There are many plausible explanations to this situation and one glaring reason is low management concern about IS security (Norman & Yasin 2010: 231). Security must be viewed as a potential company asset, just as much as its human resources and physical and technical capabilities. For example, for retailers that are conducting more and more company operations online, "trust factors and security issues are part and parcel of ecommerce success. The critical
Open Document