Security Management: Objectives and Benefits
Security Management has two objectives:
- To meet the security requirements of the SLAs and other external requirements further to contracts, legislation and externally imposed policies.
- To provide a basic level of security, independent of external requirements Security Management is essential to maintaining the uninterrupted operation of the IT organization.
- Internal reasons: An organisation can only operate effectively if correct and complete information is available when required. The level of Information Security should be appropriate for this.
- External reasons: The processes in an organisation create products and services, which are made available to the market or society, to meet defined objectives. An inadequate information supply will lead to substandard products and services, which cannot be used to meet the objectives and which will threaten the survival of the organisation. Adequate Information Security is an important condition for having an adequate information supply. The external significance of Information Security is therefore determined in part by the internal significance. Security can provide significant added value to an information system. Effective security contributes to the continuity of the organization and helps to meet its objectives.