ABSTRACT
Today’s organizations, in their efforts to reduce costs, are
streamlining layers of management while implementing
more complex matrices of control and reporting.
Distributed systems have facilitated the reshaping of
these organizations by moving the control of information
closer to its source, the end user. In this transition, how-
ever, secure management of that information has been
placed at risk. Information Technology departments must
protect the traditional system environment within the com-
puter room plus develop policies, standards, and guidelines
for the security and the protection of the company’s infor-
mation base. Further, the information technology staff
must communicate these standards to all users to enforce
a strong baseline of controls.