ABSTRACT

The need to ensure that appropriate security and privacy controls are implemented continues to be at the forefront for leadership in Information Technology, Compliance, Internal Audit, and ultimately Executive Management. A formal security management program that follows industry standards will provide a framework to ensure that confidential data are protected. Technology vendors are aware of the increased concern for ensuring the security of information assets and readily provide documentation outlining security measures. Organizations that proactively engage and properly invest in an Information Security Management Program can significantly reduce exposure to unwanted events and respond quickly should such a security event occur. The role of security as part of an organization’s overall operations and technology function is frequently managed like any other operations and technology expense. To ensure the best possible protection of an organization’s information assets, security professionals must remain current on evolving threats and mitigating technologies.