ABSTRACT
It is commonplace for companies to conduct technical vulnerability assessments for their information technology (IT) systems. These assessments often combine automated scanning and audit tools with manual testing. It is widely accepted that third-party testing is an essential part of IT security management. Personnel Strength - the ability of the individuals within the information system to detect, and withstand, a social engineering attack. The protection of the intellectual property is seen as key to the long-term value of the company and therefore its protection receives appropriate senior management support. The spread of coverage in the mapping of System A represents the variations found within the staff involved in the system. This information system has strong Systemic Strength that restricts the employees into following sound practices. A legal practice can be a good example of this situation, with strong traditions of trust in people and the professional standards of employees.
