Security Risk Management SRM and Auditing Essay -- essays research pap

AbstractThe term be prep ard applies especially well to todays business environment, where enterprises across all industries and locations are challenged by a volatile, increasingly unpredictable world. In addition to protecting their internal resources, organizations must consider the security and well-being of their employees, partners, suppliers and customers, as well as the reliability of the web of networks and systems on which most now depend. Stop Managing Security. Start Managing Risk.The way forward lays in a security risk management (SRM) tone-beginning that protects your company from the most severe threats to critical IT systems and operational processes. SRM helps your organization understand its assets and analyze the vulnerabilities it must address. Security risk management also facilitates internal and extraneous compliance initiatives. It enables your organization to enforce policies that relate to the integrity of customer data, the configuration of corporate appli cations and databases, and the accuracy of financial reports. Companies that take a systematic approach to SRM withdraw additional benefits operational efficiencies that lead to better management of resources and reduced costs. Its up to all the parties involved in the IT operations and security mission to demonstrate that they freighter take on the demands of this new challenge. Security is a wide concept, it is a separated subject with its own theories, which focus on the process of attack and on preventing, detecting and recovering from attacks (William 1996). Certainly, these processes should be well organized in coping with the complex system issues. A coherent approach should be taken, which builds on naturalised security standards, procedu... ...om norm, Network World Canada, Jun 24, Vol. 15, Is. 12, pp1-10, Gulati R, 1999, Network location and learning the influence of network resources and firm capabilities on alliance formation, Strategic Management Journal, Vol. 20, I s. 5, May, pp 397-399Osborne, Keith (1998), Auditing the IT Security Function, Computers &, Security, Vol. 17, NO.1, pp35-39.Hampton D K, putz R &, Walker H T D, 1996, Relationship-Based Procurement strategies for The 21st Century, Vis, Canberra.Johnson, Jim (1995), CHAOS The Dollar Drain of IT Project Failures, Applied Development TrendOBrien, James and Marakas, George (2007) insane asylum to Information Systems, 13th ed. McGraw-HillWilliam C &, Dennis L &, Michael S (1996), Information Security Handbook, NY MacMillian Press LTDGladstone D, 1988, Venture Capital Investing, Prentice Hall, New Jersey.