Cmgt 400 - Week 4: the Role of Information Security Policy

1001 Words5 Pages
Security is one of the most important things that any organization should be concerned about. Protecting not only the organization itself and its employees, but also the information and data stored by the organization, is something that is expected of organizations. Without the proper security in place, the organizations information and data would be susceptible to theft and fraud. The threat of theft or fraud can come from anywhere; a malicious third party outside the organization, a disgruntled former or current employee, or even an unsuspecting employee who doesn’t realize that what they are doing is a threat to security. There are many ways that an organization can take steps to counter these threats, as well as respond to them should preventative measures fail. Employees are a vital part to any organization, and the organization could not exist without them. As an organization grows in size and scope, there will be more employees who join the organization which is good for the organization, but it also presents a security risk. Any organization stores information of some kind, though some organizations store information that is more sensitive or private than others. In these organizations, the employees, customers, and clients all expect that the information they provide will be safe. It is the responsibility of the management of the organization to ensure that measures are in place to safeguard that information. The first thing the company should consider is the security risk presented by the employees and other workers within the organization. While they may not intend to be a security risk, their jobs require them to have access to at least some portion of information, which can make that information vulnerable. In a worst case scenario, an employee with access to information may either intentionally or unintentionally steal or modify data, and
Open Document