by The Open University
Available in 39 free installments
Owner:
The design of a successful information security policy and strategy for any organisation requires an assessment of a number of key factors. These factors can be categorised as either imperatives or incentives. Imperatives are pressures that force you to act. Incentives are the rewards and opportunities that arise from acting.
In Subsection 3.2 we examine the main imperatives confronting organisations. These arise either from threats to information assets or from the obligation to comply with UK law and with codes governing the management and control of public and private assets and the protection of the interests of stakeholders. We place all of these imperatives in a wider framework of ethical practice in information management.
In Subsection 3.3 we look briefly at some of the incentives for engaging in information security management. Incentives mainly come in the form of opportunities to reduce the cost of existing ways of working and new options for pursuing an organisation's objectives.
Original Copyright © 2007 The Open University. Now made available within the Creative Commons framework under the CC Attribution – Non-commercial licence (see http://creativecommons.org/by-nc-sa/2.0/uk/).
