Security Program Management

Security Program Management

Introduction

Information is the basic component of any organization. Each organization nowadays has more or less some private information. The main problem is to secure this information from being leaked, data loss and to be in the notorious hands. To achieve this target an information security program is needed, of same importance than any other security programs. A complete information security can be only achieved if there is a precious information security program is present in the organization and this can only be done by a proper management. This management is known as the information security program management or only security program management.

The aim of this short paper is to examine and analyze the research done in the field of information security. This paper describes the theoretical and researchers definition of the information security management and the information security governance.

Discussion

Security Program Management

Threats and vulnerabilities, to the information of an organization, results in the disclosure of the organizational goals and objectives. To fight these threats and risk a security program should be developed and applied to the system. The maintenance and further improvement of the security program is known as security program management.

Security program management is defined as the information security program that is as important as other management programs in the organization. Robert Dacey describes the security program management as an outline that makes sure that safety threats are recognized and valuable solutions are determined and applied properly (Andrews D. A. Jr. 2003).

According to Barla et.al, (2007) the information security management or security program management is a logical advancement to encircle people, process and Information Technology (IT) systems that safeguards critical systems and information protecting them from internal and external threats.

Security program management is important factor in providing a fool proof security to the information. The objective of the information security program management is to develop and run a security plan for the possible information and data related risks in the organizational environment and to stop the threats raised by them.

Information Security Governance

The definition of the information security governance is the process of identifying, assessing and then establishing and maintaining an outline to give the guarantee of the security of the information technology by developing and doing legislation. The laws and regulations applied by the government or by the organization itself in order to maintain the policies of risk management in the field of information ...