Cyber Security Implementation: A Project Management Approach
VerifiedAdded on 2023/06/11
|18
|4346
|331
Report
AI Summary
This report assesses the importance of information technology and the implications of cyber threats, focusing on project management planning for cyber security in organizations. It discusses the implementation of cyber security methodologies, referencing Abu Dhabi Commercial Bank's cyber security system and management plan. The paper provides guidelines for implementing cyber and data security, offering effective ways to eliminate security threats and risks associated with cyber security in organizations. It covers IT project management processes, information system management, project planning and control, staffing and costing, information system security, cybercrime vulnerabilities, risk assessment frameworks, data security, enterprise resilience, cyber security management strategies, human factors, governance, auditing, and risk management tools, emphasizing the importance of organizational governance for information systems and cyber security.
Running head: CYBER SECURITY IN THE ORGANIZATION
CYBER SECURITY IN THE ORGANIZATION
Name of the Student:
Name of the University:
Author Note:
CYBER SECURITY IN THE ORGANIZATION
Name of the Student:
Name of the University:
Author Note:
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
1CYBER SECURITY IN THE ORGANIZATION
Abstract
The information technology is playing the vital role in the communication in the organization.
The increased dependency on the internet has developed the risks form the cyber threats. The
main aim of this paper is to evaluate the importance of the information technology along with the
implications and the issues related to the cyber threats. The discussion has been developed in the
general sense which includes the explanation and the significance of the different terminology
regarding the implementation of the cyber security methodologies. The primary objective of this
paper is to evaluate the project management planning to maintain the cyber security in the
organization. In this context, the reference of the cyber security system and the managing plan
has been discussed at Abu Dhabi Commercial Bank. The discussion in the paper provides the
proper guideline or the roadmap for the implementation of the cyber security and the data
security in the organization. Along with that it also helps to give the ways those are effective in
the elimination of the security threats and the risks associated with the cyber security in the
organization.
Abstract
The information technology is playing the vital role in the communication in the organization.
The increased dependency on the internet has developed the risks form the cyber threats. The
main aim of this paper is to evaluate the importance of the information technology along with the
implications and the issues related to the cyber threats. The discussion has been developed in the
general sense which includes the explanation and the significance of the different terminology
regarding the implementation of the cyber security methodologies. The primary objective of this
paper is to evaluate the project management planning to maintain the cyber security in the
organization. In this context, the reference of the cyber security system and the managing plan
has been discussed at Abu Dhabi Commercial Bank. The discussion in the paper provides the
proper guideline or the roadmap for the implementation of the cyber security and the data
security in the organization. Along with that it also helps to give the ways those are effective in
the elimination of the security threats and the risks associated with the cyber security in the
organization.
2CYBER SECURITY IN THE ORGANIZATION
Table of Contents
Introduction......................................................................................................................................3
Discussion........................................................................................................................................3
IT project management process...................................................................................................3
Information system management.................................................................................................4
Project planning and control........................................................................................................5
Staffing and costing of the project...............................................................................................5
Introduction to information system security................................................................................6
Cybercrime and information systems vulnerability.....................................................................7
Multi criteria Decision Framework for Cyber security Risk Assessment and Management......7
Information/data security and enterprise resilience...................................................................8
Strategies for enterprise cyber security management..................................................................9
Understanding Human Factors in Cyber Security as a Dynamic System...................................9
Information systems security governance and auditing.............................................................10
Risk management tools..............................................................................................................10
The importance of organisation governance for Information systems and cyber security............12
Conclusion.....................................................................................................................................13
References......................................................................................................................................14
Table of Contents
Introduction......................................................................................................................................3
Discussion........................................................................................................................................3
IT project management process...................................................................................................3
Information system management.................................................................................................4
Project planning and control........................................................................................................5
Staffing and costing of the project...............................................................................................5
Introduction to information system security................................................................................6
Cybercrime and information systems vulnerability.....................................................................7
Multi criteria Decision Framework for Cyber security Risk Assessment and Management......7
Information/data security and enterprise resilience...................................................................8
Strategies for enterprise cyber security management..................................................................9
Understanding Human Factors in Cyber Security as a Dynamic System...................................9
Information systems security governance and auditing.............................................................10
Risk management tools..............................................................................................................10
The importance of organisation governance for Information systems and cyber security............12
Conclusion.....................................................................................................................................13
References......................................................................................................................................14
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
3CYBER SECURITY IN THE ORGANIZATION
Introduction
The management of the information technology is a critical issue regarding the proper
deployment of the information technology infrastructure. The control of the information
technology in the organization includes different issues like maintaining the cyber security,
adequate monitoring of the system. To manage the IT infrastructure properly, there are specific
steps and the planning are needed to be followed by the organization (Ashok et al. 2015). The
primary objective of this paper is to evaluate the security and the risks associated with the
implementation of the cyber system in a selected organization. The chosen, in this case, is Abu
Dhabi Commercial Bank, which is a prominent organization in the banking sector of UAE. The
primary objective of this paper is to evaluate the project management planning to maintain the
cyber security in the organization. In this context, the reference of the cyber security system and
the managing plan has been discussed at Abu Dhabi Commercial Bank. The discussion in the
paper provides the proper guideline or the roadmap for the implementation of the cyber security
and the data security in the organization. Along with that it also helps to give the ways those are
effective in the elimination of the security threats and the risks associated with the cyber security
in the organization.
Discussion
The proper implementation of the cyber security can be carried out through the
application of the project management processes. Abu Dhabi Commercial bank has adopted the
IT project management processes to implement the cyber security in the organization.
IT project management process:
Introduction
The management of the information technology is a critical issue regarding the proper
deployment of the information technology infrastructure. The control of the information
technology in the organization includes different issues like maintaining the cyber security,
adequate monitoring of the system. To manage the IT infrastructure properly, there are specific
steps and the planning are needed to be followed by the organization (Ashok et al. 2015). The
primary objective of this paper is to evaluate the security and the risks associated with the
implementation of the cyber system in a selected organization. The chosen, in this case, is Abu
Dhabi Commercial Bank, which is a prominent organization in the banking sector of UAE. The
primary objective of this paper is to evaluate the project management planning to maintain the
cyber security in the organization. In this context, the reference of the cyber security system and
the managing plan has been discussed at Abu Dhabi Commercial Bank. The discussion in the
paper provides the proper guideline or the roadmap for the implementation of the cyber security
and the data security in the organization. Along with that it also helps to give the ways those are
effective in the elimination of the security threats and the risks associated with the cyber security
in the organization.
Discussion
The proper implementation of the cyber security can be carried out through the
application of the project management processes. Abu Dhabi Commercial bank has adopted the
IT project management processes to implement the cyber security in the organization.
IT project management process:
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
4CYBER SECURITY IN THE ORGANIZATION
The IT project management process consists of the distinct steps or the stages which
ensures the IT project will deliver the right come, meeting all the requirements of the clients.
There are five phases of the project IT project management (Han et al. 2017). The first phase
includes the gathering of the requirements and the documentation of the elements. The
requirement gathering phase is essential to phase, and the clarity in the condition reduces the
chances of scope creep in the project management. Abu Dhabi Commercial bank has gathered
the requirements at the beginning of the project planning. This helps the bank to understand the
security system that is needed to be implemented. The planning and the designing phase follow
the requirement gathering phase. The planning phase includes the planning or making the
blueprint for the execution based on the requirements. The third phase of the process is the
execution based on the plan. The monitoring and the control phase include the evaluation of the
performance of the project. The project closes with the closing stage.
Information system management:
The information management system is the database; manages all the business
information related to the financial and operational matters. The managers can obtain reports and
the feedback through the use of the information management system. Abu Dhabi Commercial
bank uses the information management system to get the financial information regarding the
business of the bank. The information management system helps to manage the data in the Abu
Dhabi Commercial Bank to maintain the economic data and get the forecast of the economic
issues and matters (Slay 2016). Information management system collects data from different
electronic checkout counters and periodic intervals. The regular reports are run on the ranges and
data are provided on demand to the project managers in the bank.
The IT project management process consists of the distinct steps or the stages which
ensures the IT project will deliver the right come, meeting all the requirements of the clients.
There are five phases of the project IT project management (Han et al. 2017). The first phase
includes the gathering of the requirements and the documentation of the elements. The
requirement gathering phase is essential to phase, and the clarity in the condition reduces the
chances of scope creep in the project management. Abu Dhabi Commercial bank has gathered
the requirements at the beginning of the project planning. This helps the bank to understand the
security system that is needed to be implemented. The planning and the designing phase follow
the requirement gathering phase. The planning phase includes the planning or making the
blueprint for the execution based on the requirements. The third phase of the process is the
execution based on the plan. The monitoring and the control phase include the evaluation of the
performance of the project. The project closes with the closing stage.
Information system management:
The information management system is the database; manages all the business
information related to the financial and operational matters. The managers can obtain reports and
the feedback through the use of the information management system. Abu Dhabi Commercial
bank uses the information management system to get the financial information regarding the
business of the bank. The information management system helps to manage the data in the Abu
Dhabi Commercial Bank to maintain the economic data and get the forecast of the economic
issues and matters (Slay 2016). Information management system collects data from different
electronic checkout counters and periodic intervals. The regular reports are run on the ranges and
data are provided on demand to the project managers in the bank.
5CYBER SECURITY IN THE ORGANIZATION
Project planning and control:
Project planning and control deals with the preparation of the execution of the project and
monitoring the performance of the project. The development of the project mainly focuses on the
making of the blueprint for the implementation of the plan (Van den Berg et al. 2014). The
planning is based on the requirements those were documented at the initial phase of the project
management (Kim, Park and Lim 2015). The implementation of the cyber security system at Abu
Dhabi commercial bank has gone through the planning phase that includes the fulfillment of all
the requirements needed for the banking system (Lee et al.2015). The planning phase ensures the
execution of the cyber security system will ensure that the transaction of the data in the banking
system will be secured and the confidential data of the consumers will be safely handled by the
banking authority (Mierzwa and Scott 2017.). The planning phase also ensures that the
unauthorized users will not access all the systems running in the bank.
The control phase includes controlling and monitoring the performance of the system.
The Abu Dhabi Commercial bank ensures that the project regarding the cyber security has been
implemented correctly and the system those are supporting the newly implemented security
measures is working correctly (Kuusisto and Kuusisto 2016). The planning phase has its
significance in the project management as it helps the project managers to understand the quality
and the performance of the newly implemented system. In case, if it is known that the system is
not meeting all the requirements and not working correctly, the further modification is needed to
be made on the project.
Staffing and costing of the project:
Project planning and control:
Project planning and control deals with the preparation of the execution of the project and
monitoring the performance of the project. The development of the project mainly focuses on the
making of the blueprint for the implementation of the plan (Van den Berg et al. 2014). The
planning is based on the requirements those were documented at the initial phase of the project
management (Kim, Park and Lim 2015). The implementation of the cyber security system at Abu
Dhabi commercial bank has gone through the planning phase that includes the fulfillment of all
the requirements needed for the banking system (Lee et al.2015). The planning phase ensures the
execution of the cyber security system will ensure that the transaction of the data in the banking
system will be secured and the confidential data of the consumers will be safely handled by the
banking authority (Mierzwa and Scott 2017.). The planning phase also ensures that the
unauthorized users will not access all the systems running in the bank.
The control phase includes controlling and monitoring the performance of the system.
The Abu Dhabi Commercial bank ensures that the project regarding the cyber security has been
implemented correctly and the system those are supporting the newly implemented security
measures is working correctly (Kuusisto and Kuusisto 2016). The planning phase has its
significance in the project management as it helps the project managers to understand the quality
and the performance of the newly implemented system. In case, if it is known that the system is
not meeting all the requirements and not working correctly, the further modification is needed to
be made on the project.
Staffing and costing of the project:
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
6CYBER SECURITY IN THE ORGANIZATION
Staffing and costing of the project is an essential factor for the success of the project. The
staffs, in this case, the crews are the members of the project management team of the Abu Dhabi
Commercial bank. The selection of the project team members is needed to be chosen in a right
way so that each of the team members has the proper knowledge of the domain of the project. In
this case, the sharing of the awareness among the team members will result in the choice of the
best option for the compilation of the project (DiMase et al. 2015). Abu Dhabi Commercial bank
has chosen the group of employees who have the sound knowledge about the cyber security and
threats related to it (Pangulur, Nelson and Wyman 2017). The experience of the cyber security
has helped the team members to understand the possible risks and the threats related to this
domain, based on that the project team has implemented the implementation of the solution.
The costing of the project is another issue. Every organization granted a specific amount
of the budget for the particular project. The managers and the higher authority of the Abu Dhabi
Commercial bank have also given a budget of the specific amount for the implementation of the
cyber security in the banking process. The primary target for the project development team is to
complete the project within the budget. To do this the following of the project management
lifecycle is essential for the project development team. The planning of the project management
aims to deliver the right outcome cost-effectively.
Introduction to information system security:
The information system security aims to protect the data and the information stored in the
system of the organization. It is the responsibility of the organization to protect the confidential
and the sensitive data. In the context of the information security, the cyber security can be
discussed (Min, Chai and Han 2015). The information security and the cyber security overlap
Staffing and costing of the project is an essential factor for the success of the project. The
staffs, in this case, the crews are the members of the project management team of the Abu Dhabi
Commercial bank. The selection of the project team members is needed to be chosen in a right
way so that each of the team members has the proper knowledge of the domain of the project. In
this case, the sharing of the awareness among the team members will result in the choice of the
best option for the compilation of the project (DiMase et al. 2015). Abu Dhabi Commercial bank
has chosen the group of employees who have the sound knowledge about the cyber security and
threats related to it (Pangulur, Nelson and Wyman 2017). The experience of the cyber security
has helped the team members to understand the possible risks and the threats related to this
domain, based on that the project team has implemented the implementation of the solution.
The costing of the project is another issue. Every organization granted a specific amount
of the budget for the particular project. The managers and the higher authority of the Abu Dhabi
Commercial bank have also given a budget of the specific amount for the implementation of the
cyber security in the banking process. The primary target for the project development team is to
complete the project within the budget. To do this the following of the project management
lifecycle is essential for the project development team. The planning of the project management
aims to deliver the right outcome cost-effectively.
Introduction to information system security:
The information system security aims to protect the data and the information stored in the
system of the organization. It is the responsibility of the organization to protect the confidential
and the sensitive data. In the context of the information security, the cyber security can be
discussed (Min, Chai and Han 2015). The information security and the cyber security overlap
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
7CYBER SECURITY IN THE ORGANIZATION
partially as the cyber security is related to maintaining the safety of the sensitive data transmitted
through the internet (Benzel 2015). During the implementation of the project, maintenance of the
cyber security and information security will be an essential subject (Carter 2016). Abu Dhabi
Commercial bank deals with the sensitive data regarding the bank and the consumers of the
bank. Data breaches in the bank are not desirable. In this context, the bank took some security
measures for the implementation and maintaining the cyber security during execution of the
project.
Cybercrime and information systems vulnerability
Key cybercrime issues:
Security threats and the information vulnerabilities can of different types like the breaching of
data, modification, insertion or deletion of the information by the unauthorized access.
Example of some vulnerability:
One of the main threats from the cybercrime is the data breaching. The data breaching can be
done through the unauthorized access to the systems of the organizations. The data breaching
enables the entrance of the confidential information of the organization and its clients to be
exposed, which is a significant security threat for the business of the organization.
Strategies to mitigate the vulnerabilities:
Cybercrime can be regarded as the emerging risks. Presently, the word is becoming more
dependent on the internet; in this context the cyber security risks are increasing rapidly (Okubo
et al.2016.). The companies and the individuals can be affected from the cyber security risks both
directly and indirectly (Bang, Jung and Lee 2017). To mitigate the effects of the cybercrime,
partially as the cyber security is related to maintaining the safety of the sensitive data transmitted
through the internet (Benzel 2015). During the implementation of the project, maintenance of the
cyber security and information security will be an essential subject (Carter 2016). Abu Dhabi
Commercial bank deals with the sensitive data regarding the bank and the consumers of the
bank. Data breaches in the bank are not desirable. In this context, the bank took some security
measures for the implementation and maintaining the cyber security during execution of the
project.
Cybercrime and information systems vulnerability
Key cybercrime issues:
Security threats and the information vulnerabilities can of different types like the breaching of
data, modification, insertion or deletion of the information by the unauthorized access.
Example of some vulnerability:
One of the main threats from the cybercrime is the data breaching. The data breaching can be
done through the unauthorized access to the systems of the organizations. The data breaching
enables the entrance of the confidential information of the organization and its clients to be
exposed, which is a significant security threat for the business of the organization.
Strategies to mitigate the vulnerabilities:
Cybercrime can be regarded as the emerging risks. Presently, the word is becoming more
dependent on the internet; in this context the cyber security risks are increasing rapidly (Okubo
et al.2016.). The companies and the individuals can be affected from the cyber security risks both
directly and indirectly (Bang, Jung and Lee 2017). To mitigate the effects of the cybercrime,
8CYBER SECURITY IN THE ORGANIZATION
specific strategies are needed to be taken during the implementation of the project management
(DuBow et al. 2016 ). The identification of the risks will help the developer and the project
managers to implement the solutions applicable to mitigate those risks. Some of the ways those
can help to reduce the risks from the cybercrime are-
• Strong encryption in the system.
• Usage of the right passwords
• Implementation of the security protocol and using the firewall and VPN in the order.
Multi criteria Decision Framework for Cyber security Risk Assessment and Management:
Critical information regarding data security:
The data security is partially overlapped with the cyber security. The data security
concerns the excellent maintenance of the information stored in the organization. The violation
of the information security by some external entities can be regarded as the cybercrime. Some of
the roadmaps and strategies can be taken to mitigate the risks.
Strategies to develop enterprise resilience
Multi-criteria decision making framework can be achieved through the use of DECRIS
approach. The process of the DECRIS follows the mentioned approach:
• First, the establishment of the taxonomy and the dimension of the risks are evaluated. This
includes developing the hierarchy of the unwanted events (Fielder et al.2016). The activities can
be technical and non-technical events (Park, Suh and Park 2016). The decision is made on the
specific strategies are needed to be taken during the implementation of the project management
(DuBow et al. 2016 ). The identification of the risks will help the developer and the project
managers to implement the solutions applicable to mitigate those risks. Some of the ways those
can help to reduce the risks from the cybercrime are-
• Strong encryption in the system.
• Usage of the right passwords
• Implementation of the security protocol and using the firewall and VPN in the order.
Multi criteria Decision Framework for Cyber security Risk Assessment and Management:
Critical information regarding data security:
The data security is partially overlapped with the cyber security. The data security
concerns the excellent maintenance of the information stored in the organization. The violation
of the information security by some external entities can be regarded as the cybercrime. Some of
the roadmaps and strategies can be taken to mitigate the risks.
Strategies to develop enterprise resilience
Multi-criteria decision making framework can be achieved through the use of DECRIS
approach. The process of the DECRIS follows the mentioned approach:
• First, the establishment of the taxonomy and the dimension of the risks are evaluated. This
includes developing the hierarchy of the unwanted events (Fielder et al.2016). The activities can
be technical and non-technical events (Park, Suh and Park 2016). The decision is made on the
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
9CYBER SECURITY IN THE ORGANIZATION
evaluation of the consequences of the unwanted events. The risks matrix is formed based on the
decision making.
• The analysis is performed which identifies all adverse events and finding the risks related to
the adverse events.
• The selected events are further evaluated. In the DECRIS approach, the information is
provided for the support of the selection, and the dependencies of the risks are assessed.
• The performance of the selected items is valued. The events are the consequences are
evaluated and analyzed in more details. By the evaluation, proper suggestions are given to
mitigating the measures of the vulnerabilities.
Information/data security and enterprise resilience
Integration of the strategies into enterprise resilience:
There are various risk assessment methodologies preset for the evaluation and mitigation
of the risks related to the cyber security. Some of these methodologies are-
Better Infrastructure Risk and Resilience (BIRR):
In this method, all the plans are cover ECIP (Enhanced Critical Infrastructure Protection).
The collection of the reliable data supports all the arrangements under this cover. It facilitates 18
infrastructure sectors and the approach in this case sectored approach is followed.
Baseline protection concept:
Baseline protection plan has been issued by the Federal Ministry of Interior of Germany.
This is a risk assessment methodology that helps to make the communication between the
evaluation of the consequences of the unwanted events. The risks matrix is formed based on the
decision making.
• The analysis is performed which identifies all adverse events and finding the risks related to
the adverse events.
• The selected events are further evaluated. In the DECRIS approach, the information is
provided for the support of the selection, and the dependencies of the risks are assessed.
• The performance of the selected items is valued. The events are the consequences are
evaluated and analyzed in more details. By the evaluation, proper suggestions are given to
mitigating the measures of the vulnerabilities.
Information/data security and enterprise resilience
Integration of the strategies into enterprise resilience:
There are various risk assessment methodologies preset for the evaluation and mitigation
of the risks related to the cyber security. Some of these methodologies are-
Better Infrastructure Risk and Resilience (BIRR):
In this method, all the plans are cover ECIP (Enhanced Critical Infrastructure Protection).
The collection of the reliable data supports all the arrangements under this cover. It facilitates 18
infrastructure sectors and the approach in this case sectored approach is followed.
Baseline protection concept:
Baseline protection plan has been issued by the Federal Ministry of Interior of Germany.
This is a risk assessment methodology that helps to make the communication between the
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
10CYBER SECURITY IN THE ORGANIZATION
infrastructure operators and the states. The primary function of this methodology is to assess the
risk in critical infrastructure.
Strategies for enterprise cyber security management
Keys regarding the enterprise security management:
The security management in the enterprise includes implementing and managing the
procedure and plans those will support the security system of storing and processing the data in
the organization. There are specific methodologies those can be followed to implement the cyber
security management. The different governing bodies create different methods.
Strategies for enterprise cyber security management:
There are six steps those can act as the strategies for the control of the cyber security.
These ares-
• Assigning priority to the information regarding the assets and the processes.
• Assigning priority to the identified risks.
• Implementation of the security controls.
• A building of the security capability model.
• The improvement roadmap regarding the security is needed to be developed.
• Ensuring the organizational engagement and the governance.
Steps to integrate these strategies into enterprise cyber security:
infrastructure operators and the states. The primary function of this methodology is to assess the
risk in critical infrastructure.
Strategies for enterprise cyber security management
Keys regarding the enterprise security management:
The security management in the enterprise includes implementing and managing the
procedure and plans those will support the security system of storing and processing the data in
the organization. There are specific methodologies those can be followed to implement the cyber
security management. The different governing bodies create different methods.
Strategies for enterprise cyber security management:
There are six steps those can act as the strategies for the control of the cyber security.
These ares-
• Assigning priority to the information regarding the assets and the processes.
• Assigning priority to the identified risks.
• Implementation of the security controls.
• A building of the security capability model.
• The improvement roadmap regarding the security is needed to be developed.
• Ensuring the organizational engagement and the governance.
Steps to integrate these strategies into enterprise cyber security:
11CYBER SECURITY IN THE ORGANIZATION
Some of the actions those can be helpful for the integration of the policy into enterprise
cyber security system:
• Understanding the working methods in the organizations and evaluation of possible risks
associated with the system.
• Identification of the type of cyber crimes those can happen.
• Setting the priority of those crimes and the threats.
• Selection of the right strategies from the different security maintaining methodologies.
• Making the users and the employees aware about the importance of keeping the cyber
security.
Understanding Human Factors affecting the cyber security:
The human factors play a significant role in maintaining the cyber security in the
dynamic system. The violation of the security can be happened due to the lack of attention of the
people. Sometimes the security breaches are done by the internal employees of the organization.
Information systems security governance and auditing
The role of internal audit and user training in information security policy compliance:
The improved audit practices will help to improve the cyber security systems and will help to
counter the risks associated with the cyber security (Shackelford and Bohm 2016). The auditors
of the information security can take two roles in mitigation of the security risks in the cyber
system. They can identify the risks and evaluate the risks, and they can advise the users about the
dangers.
Some of the actions those can be helpful for the integration of the policy into enterprise
cyber security system:
• Understanding the working methods in the organizations and evaluation of possible risks
associated with the system.
• Identification of the type of cyber crimes those can happen.
• Setting the priority of those crimes and the threats.
• Selection of the right strategies from the different security maintaining methodologies.
• Making the users and the employees aware about the importance of keeping the cyber
security.
Understanding Human Factors affecting the cyber security:
The human factors play a significant role in maintaining the cyber security in the
dynamic system. The violation of the security can be happened due to the lack of attention of the
people. Sometimes the security breaches are done by the internal employees of the organization.
Information systems security governance and auditing
The role of internal audit and user training in information security policy compliance:
The improved audit practices will help to improve the cyber security systems and will help to
counter the risks associated with the cyber security (Shackelford and Bohm 2016). The auditors
of the information security can take two roles in mitigation of the security risks in the cyber
system. They can identify the risks and evaluate the risks, and they can advise the users about the
dangers.
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
1 out of 18
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
Copyright © 2020–2025 A2Z Services. All Rights Reserved. Developed and managed by ZUCOL.