Information Security Governance Papers
| Paper Title | Information Security Education, Training and Awareness |
|---|---|
| The Abstract of The Paper |
Information is the lifeblood of most companies today. Anything that is this
important to an organization needs:
the attention of the Board and to be protected properly. The Board should ensure that a sound Information Security Management System (ISMS) is in place the adequately protect the information resources of the organization. On the other hand, it is generally accepted today that the protection of the information assets of an organization is the responsibility of ALL employees. Everybody that has access to, communicates, uses, or stores copies of company information must assist in the holistic process of protecting this important organizational asset. These include all users that have access to any organizational information system (end-users), management, IT staff, contract workers and third party companies. Most company information is nowadays captured, stored, processed and communicated through one or other electronic means. BUT, much of the critical company information is also faxed, photocopied, printed on paper or resides in employees’ heads, etc. Furthermore, this valuable company information may be highly mobile as copies of it might be stored on laptop computers, PDAs, cell phones and other highly transportable equipment that can be stolen or lost. Thus, it is very important today that all ‘information workers’ should be knowledgeable and be able to play an active role in the protection of valuable company assets. |
| Web Link | http://www.springerlink.com/content/u57x1h0v78u8786x/fulltext.pdf?page=1 |