Fundamentals of Information Risk Management Auditing: An introduction for managers and auditors by Christopher Wright

CHAPTER 6: SECURITY AND DATA PRIVACY

Overview

There is increasing awareness in the media and elsewhere of cyber terrorism and cyber crime. These are very real risks. Less publicised are the internal risks of data loss, whether through deliberate action or through simple carelessness or a lack of understanding of the risks. I like ISACA’s definition of information security. It defines information security as something that:

“Ensures that within the enterprise, information is protected against disclosure to unauthorised users (confidentiality), improper modification (integrity) and non-access when required (availability).”

This definition clearly makes it the responsibility of the organisation to protect its information, in the same way as it would any other asset ...
