The
word "security" is all encompassing of steps taken to ensure the
safety of an organization or state (Merriam-Webster 2018). In the case of an
organization, security would include the safe keeping of building, machinery,
computers (hardware and software), furniture, vehicles, non--tangible assets
like investments, shares in other companies and so on. In this list, technology
related assets are part not whole/all of the things that requires safety
measures. This means decisions on such matters will belong to management who
has the overseeing power over all of the things and the organization in itself,
especially commitment of resources to security and information systems,
controls (Laudon, 2012).
The
security of an organization though include I.T., it is not limited to it.
Management decisions on security include exponentially increasing level of
planning, analysis of data, decision making, maintenance, implementation.
There
is also the business side of things for example determination of non-tech side
of security of company's product be it goods or services. The members of
management decide on tech side of security in collaboration with input from
members of the technical team, for example the type of Firewall to install,
Intranet, internal software, customization of applications, organization's
need, server to use, best cctv for organization's premises et cetra
The
management team gets information on risk levels and exposure of the
organization- technological, that is; from IT staff and the management weighs
the information(options) against costs and decide on what line to take from
options made available. For example some of the ransom-ware cyber attacks to
hospitals all over the world last year, were resolved by third party IT
security, those were consulting firms not the in-house IT department(s), such
matters are managerial decisions. Even in cases where higher level of IT
security than what the technology department can handle is required, the
management makes that decision whether to send technology department staff on
training and when (Bloomberg, 2017).
.
Reference
Laudon
K.C. & Laudon J.P. (2012), Management Information System. Managing the
Digital Firm. 12, Pp 330-370
Robertson
J. (2017, May 13), Bloomberg, Hospitals Gain Control After Ransom Hack,
More Attacks May Come. Retrieved
from https://www.bloomberg.com/news/articles/2017-05-12/ransom-hack-racking-up-victims-with-hospitals-most-at-risk
Security
n.d. (2018) Merriam-Webster Collegiate Dictionary. Retrieved
from https://www.merriam-webster.com/dictionary/security
No comments:
Post a Comment