By today's standards, with online being the pinnacle of business, having only
the likes of adware, malware and virus protection is not enough. Since the
start of the internet, hackers and the like have always been ahead of
information security and controls, so a business that relies on servers with a
portal to the internet needs more than these basic controls. COBIT 5 outlines
how business-wide knowledge of information security protocols and controls is
crucial (Wolden, Valverde, & Talla, 2015). Businesses should apply the COBIT 5
framework using a few principles that are outlined in simple and concise
language. Policies surrounding information security and access should also be
included when applying COBIT 5. Businesses should also promote risk management
practices in order to avoid risk scenarios, which can trigger a loss event
(Wolden, Valverde, & Talla, 2015). Vulnerabilities that cause these types of
events are usually associated with control strengths or threat strengths.
Therefore, a business that does not constantly assess risks and controls on
information will expose itself to more risk from multiple sources.
Reference
Wolden, M., Valverde, R., & Talla, M. (2015). The effectiveness of COBIT 5
Information Security Framework for reducing Cyber Attacks on Supply Chain
Management System. IFAC-PapersOnLine, 48(3), 1846-1852.
http://dx.doi.org/10.1016/j.ifacol.2015.06.355