Information Security

With today’s standards of online being the pinnacle of business having only the likes of adware, malware and virus protection is not enough. Since the start of the internet hackers and the likes have always been in front of information security and controls, so a business that relies on using servers that have a portal to the internet need more than these basic controls. COBIT 5 outlines how a business wide knowledge of information security protocols and controls is crucial (Wolden, Valverde, & Talla, 2015). Businesses should apply the framework of COBIT 5 using few principles that are outlined in simple and concise language. In regard to the policies surrounding information security and access should also be included when applying COBIT 5. Businesses should also promote risk management practices in order to avoid risk scenarios, which can trigger a loss event (Wolden, Valverde, & Talla, 2015). Vulnerabilities that cause these types of events are usually associated controls strengths or threat strengths. Therefore a business that does not constantly assess risks and controls on information will expose itself to more risk from multiple sources.

Reference

Wolden, M., Valverde, R., & Talla, M. (2015). The effectiveness of COBIT 5 Information Security Framework for reducing Cyber Attacks on Supply Chain Management System. IFAC-Papersonline, 48(3), 1846-1852. http://dx.doi.org/10.1016/j.ifacol.2015.06.355