Security Management Models for Information Systems Essay

1075 Words 5 Pages

Security management within the context of information systems “needs a paradigm shift in order to successfully protect information assets” (Eloff & Eloff, 2003). Due the rapid increase in information security threats, security management measures have been taken to proactively remedy the growing threat facing information security. As a result of this, security management “is becoming more complex everyday, many organization’s security systems are failing, with serious results” (Fumey-Nassah, 2007). To remedy the increase threats to information security systems, organizations are seeking alternatives to network vulnerabilities from malicious attacks. There are several management measures that organizations must take to fully
…show more content…
In ERP systems, security management is critical because an organization must be concerned with “establishing and maintaining a secure information environment” (Eloff & Eloff, 2003). Access controls measures must also be considered when granting access and controls to users of an organization. Furthermore, the restriction of information negates penetration of network vulnerabilities to the access of information assets. When considering a security management approach, organizations must not fail to consider the systematic structure that enables the full functionality of information systems.
Essentially, the “domain of information security management is no longer exclusively of a managerial nature, technical aspects also need to be considered on management level. Information security management can be approached from various perspectives” (Eloff & Eloff, 2003). The strategic approaches that an organization decides to pursue will be influenced by the foundational approaches discussed which affect the management, operational and the technical aspects of information systems. There are issues pertaining to technical security, policies, and issues that pertain to management. Furthermore, organizational culture and organization awareness must also be considered when making security management decisions
There are several
Open Document