The need to protect information has been following a crescendo of awareness over the past few years to climax with literally thousands of information security and privacy related news reports during 2005. Consumers have been impacted through resulting identity theft and fraud. Businesses are impacted not only short-term, but also long-term from lost business. The passage of growing numbers of laws and regulations throughout the world has justifiably captured the attention of business leaders who are now more seriously considering how to meet compliance and perform information security due diligence than ever before. Establishing an effective information security program is now higher on the executives' to-do list. An organization can have a well-conceived, well-documented information security program, but if it is not effectively integrated throughout the enterprise within all business practices, it will not be effective. Information security practitioners are increasingly realizing that establishing a formal Information Security Management System (ISMS) will complement their existing information security efforts and work to effectively integrate information security throughout the enterprise business services, products, operations and management. As a result, information security will truly become more effective and more clearly support business success.
展开▼
