ABSTRACT
The purpose of information protection is to protect the valuable resources of an organization, such as information, hardware, and software. Through the selection and application of appropriate safeguards, security helps the organization to meet its business objectives or mission by protecting its physical and financial resources, reputation, legal position, employees, and other tangible and intangible assets. We examine the elements of computer security, employee roles and responsibilities, and common threats. We also examine the need for management controls, polices and procedures, and risk analysis. Finally, we present a comprehensive list of tasks, responsibilities, and objectives that make up a typical information protection program.
