Key Elements for the ISSO to Consider

Previous page
Table of content
Next page


From the background information about IWC, noted above, the IWC ISSO should remember some key elements:

  • IWC is a high-technology corporation: This means that it uses and is dependent on information and computer-based processes—a key factor that makes the information and information systems security portions of the IWC CIAPP of vital importance.

  • IWC uses a proprietary process: This means that information relative to the proprietary process is the most valuable information within IWC, and it must be protected at all costs.

  • The proprietary process is the key to IWC's success and vital to company survival: The number one priority of the CIAPP must be to ensure that this process receives the highest protection. It is therefore a priority for the ISSO to ensure that the current protection mechanisms are in place and are adequate.

  • IWC is in an extremely competitive global business: To the ISSO, this means that the potential for industrial and economic espionage through the IWC networks (Netspionage)[3] is a factor to consider in establishing the CIAPP.

  • IWC is networked with its customers and subcontractors; subcontractors, must also use IWC's proprietary process, under contractual agreements: When the ISSO builds the IWC CIAPP, the customers' and subcontractors' interfaces to sensitive IWC information and systems must be a key concern and adequately addressed.

  • Because of today's global marketplace, IWC has over the past several years expanded its operations to include some manufacturing plants, coupled with a small marketing and sales force in Europe and Asia; the European and Asian plants must also be considered when developing the IWC CIAPP.

  • Because of the foreign plants, key executives will also be traveling extensively to the foreign locations. Therefore, the threats posed by terrorists, corporate spies, and others must be taken into account when developing the CIAPP, as the executives will be carrying their notebook computers, cellular telephones, and PDAs containing sensitive IWC information as they travel. This protection must be coordinated with the IWC Director of Security, who has primary responsibility for executive protection.

[3]See also Netspionage, another Butterworth-Heinemann book coauthored by Dr. Kovacich and Bill Boni.


Previous page
Table of content
Next page
The Information Systems Security Officer's Guide. Establishing and Managing an Information Protection Program
The Information Systems Security Officers Guide: Establishing and Managing an Information Protection Program
ISBN: 0750698969
EAN: 2147483647
Year: 2002
Pages: 204
Authors: Gerald L. Kovacich CFE CPP CISSP
BUY ON AMAZON
Identifying and Managing Project Risk: Essential Tools for Failure-Proofing Your Project
VBScript Programmers Reference
The CISSP and CAP Prep Guide: Platinum Edition
PostgreSQL(c) The comprehensive guide to building, programming, and administering PostgreSQL databases
Service-Oriented Architecture (SOA): Concepts, Technology, and Design
An Introduction to Design Patterns in C++ with Qt 4
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy