In 1977, the Foreign Corrupt Practices Act, which established information integrity requirements for certain corporations, made corporate executives personally liable for violations. In that year, many boards of directors agreed that it would be a good idea to implement companywide computer security programs. In one large, diversified manufacturing company, information systems security officers were appointed to locally administer the security program at each of its 20 far-flung divisions. In part because of the distributed nature of its operations, management wanted to ensure that each security officer had the knowledge and experience to carry out the program.
展开▼
