|
The responsibilities for compliance with the AIS security requirements in the world of national security are similar to those of the corporate world. Management is responsible for ensuring compliance with InfoSec requirements, policies, and procedures, as well as ensuring the reporting of violations. All employees are of course responsible for understanding their responsibilities, as well as complying with InfoSec policies, procedures, contract requirements, and the like, and reporting violations to management. However, in this case, the seriousness of the information, and the implications of its loss or compromise, requires that violations be immediately reported and inquiries conducted. The disciplinary action taken against violators is usually more severe.
|