Due Date 7/10/13 within 5hrs. write XXXXXXXXXXwords that respond to the following questions with your thoughts, ideas, and comments. This will be the foundation for future discussions by your...

The purpose of information protection is to protect an organization's valuable resources,
such as information, hardware, and software. Through the selection and application of
appropriate safeguards, security helps the organization meet its business objectives or mission by
protecting its physical and financial resources, reputation, legal position, employees, and other
tangible and intangible assets. We examine the elements of computer security, employee roles
and responsibilities, and common threats. We also examine the need for management controls,
policies and procedures, and risk analysis. Finally, we present a comprehensive list of tasks,
responsibilities, and objectives that make up a typical information protection program.
1. ELEMENTS OF INFORMATION PROTECTION:
Information protection should be based on eight major elements:
1. Information protection should support the business objectives or mission of the enterprise.
This idea cannot be stressed enough. All too often, information security personnel lose track of
their goals and responsibilities. The position of ISSO (Information Systems Security Officer) has
been created to support the enterprise, not the other way around.
2. Information protection is an integral element of due care. Senior management is charged with
two basic responsibilities: a duty of loyalty - this means that whatever decisions they make must
be made in the best interest of the enterprise. They are also charged with a duty of care - this
means that senior management is required to protect the assets of the enterprise and make
informed business decisions. An effective information protection program will assist senior
management in...