The role of the chief information officer is to oversee strategic planning and operations (Witman & Mattford, 2013). Usually the chief information officer supervises the chief information security officer. The CISO is responsible for making sure that the organization's information is safe and secure. The CIO makes sure that the CISO and others under him or her are following appropriate steps to stay on target with the companies strategic plan.
The CISO is more hands-on with the creation of plans than the CIO is. CISO's manage information security and cyber security (Alexander & Cummings, 2016). The CIO is more hands-on with making sure that the plans are carried out and accomplishing what was intended such as securing information and making
…show more content…
The meaning can change, however, depending on the type of company that is using it. The textbook gives the example of the government's security policy tht refers to the country's national security and dealings with other countries. In contrast, a security policy could also refer to a bank policy that protects their customer's financial information. Regardless of where, the security policy spells out the rules for information protection whether the information is being moved, stored or processed.
Many times the security threats come from within the company (Chen, Ramamurthy & Wen, 2012). Employee negligence is a contributing factor to security problems. I have seen precautions taken at my workplace to battle against this issue. Certain policies have been written that help to protect the company from problems caused by employees. For example, we have a policy that keeps us from accessing social media. This policy lessens a lot of threats that could be distributed through these sites. We also have a policy in place that restricts personal use of business equipment. We are not allowed to use our business phones or computers for personal use. We cannot provide our work email address to non-business related outputs. Personal emails are restricted at work to cut down on possible
…show more content…
Three of the continuity strategies are hot, warm and cold sites. Costs vary with each and can be a determining factor for organizations looking. Hot sites are fully designed and configured computer facility. It is equipped with some of the most functional and up-to-date devices. It requires someone to maintain the systems which could be difficult for some organizations. Businesses should consider all that is involved before choosing which time of site fits its needs.
A warm site is similar to a hot site, but software applications are not included, installed or configured. Usually, a warm site includes computer equipment and peripherals with servers. One thing that it does not typically include are work stations. A warm site is some cheaper than a hot site, but it requires there to be time making it functional whereas a hot site is fully functional within