Key Principles and Practices
This section discusses the key principles and practices related to information security.
Chapter 3 “Key Concepts and Principles,” starts by explaining that every organization exists for achievement of its objectives. In this regard, we mention that information security has to be implemented keeping in mind an organization’s business objectives and business requirements, such as how the information technology has to enable information security which, in turn, will protect its business, its customers, its partners, its systems including its people, infrastructure (including its networks), and applications. We ...