Is3350 Unit 3

The departments of a company that are holding personal information are required to have adequate security measures in place. Those include technical measures (such as firewalls) and organisational measures (such as staff training).

Information system is a combination of hardware, software, infrastructure as well trained personnel who organized and facilitate planning, control, coordination and decision making within an organization. Information systems are also able to implement a vital integrated set of components for collecting, storing, and processing data. With this, it provided organizations with the necessary information, knowledge, and digital products needed. Information system bring the meaning of business applications that manage their operations, compete in the market place, manage accounts and human resources. This system have a vast variety of components that are crucial for a enterprise, business to function at his highest level, IT software is responsible that all system are reliable and up to date.

The risk of hackers getting through the firewalls and information encryption is also another disadvantage.

These Policies and procedures are in place to adhere to, to keep everyone safe and maintain a safe place to work for everyone to work in. Keeping

Confidentiality within all companies is very important as employees have access to a lot of important information on the company that they could potentially steal, tell others about, post it online or more. Companies have policies in place which are put in place to let their staff know that these such things are unacceptable and helps to reduce this from taking place but will not stop them from their employees doing it. Confidentiality is also important between the company and all their customers and is part of the policy. The companies that hold information on their customers by law are not allowed to give out the information they hold to anyone else without that person’s permission, if this was to happen in the company it will result in actions taking place such as a fine or even worse.

It is every company mandatory requirement to make sure sensitive data is protected from public access at all times. In large organization sensitive information such as employee salary and performance should be kept confidential from most of the DBA users. For this DBMS uses database security and authorization subsystems that is responsible for security to the portions of database or to restrict the access to the sensitive information.

Below the top leadership of an organization comes a body of supervisors who deal with employees on a daily basis. Similar to the management situation, if supervisors are more engaged with employees when it comes to information security, employees are likely to comply with the guidelines regulating information within the organization (Chen, Ramamurthy, Wen, 2012).

Duty of Loyalty/Act in Good Faith/Duty to Account – As a customer service representative for Deluxe Check Printing, you’re on the phone daily taking check orders. Customers from all over the world would call to place check orders providing their checking and saving account numbers. Some customers had special orders, which indicated they were wealthy or well-to-do clients. As a loyal employee, once you place the check order the information provided was to be disposed of properly. At no time were you allowed to copy the information to be used for any personal use or leave such information out on your desk at the end of your shift. However, you would sometimes discuss with another employee about special check orders.

Obviously, the power of Information System in any organization or company cannot be down looked. This is basically because IT has led to a revolution and to great developments in aspects of concern to management, production, processing, payments and services in different organizations. It is however worth noting that there is a very critical problem associated with strategic advantage of this system. Copy pasting what other people have been doing in the past has been the norm for many entrepreneurs. In this context, many entrepreneurs have devoted huge chunks of capital in the utilization of common IT systems (Carr, 2003). In this case, aspects of concern to uniqueness, innovation and

Treatment of Private Information: Protect the client, the company, and yourself. All sensitive client or company information must stay within the realm of the company. Sensitive information includes: client social security numbers, company usernames and passwords, access to company bank accounts, etc. Any employee found sharing private company, client, or fellow employee information will be suspended immediately.

According to Ballad, Ballad and Banks (2011), “Information is the backbone of many business processes.” Similarly, it has always been said and proved true that information is power. This implies that productivity and profitability are enhanced by the accessibility and availability of required information. The downside, however, is that when this information falls into the wrong hand at the wrong time, the power could be channeled towards unimaginable damage. In any business setting, the storage and accessibility of this information is secured by various systems, including computerized and manual layers. This in turn implies that during the times when people need information, certain levels of access permissions should be observed. Whether the people are worker, stakeholders or customers, the information accessibility levels must be observed at all times.

When sensitive data is processed outside the enterprise, or by non-employees, it means that organizational managers are less immediately aware of the nature and level of

Management Information System – This system helps with carrying out the tasks required for problem solving and decision making. These are management level systems and help with the smooth running of the organisation. It helps with generating reports necessary for running and

Data in regard to an employee’s tax records, personal data, employment contracts and training data, transactions, entry/exit records and browsing/working records are deemed sensitive data.

Have to secure the information which is given to internal management which improves board’s oversight role in the company.