As the African proverb denotes, “It takes a village to raise a child”, it will take that same communal effort in today’s society to keep that child safe in school and higher education facilities. This village must consist of parents, law enforcement, federal government, personnel, and the general public for protection. As preponderant challenges emerges in this wicked society related to public mass shootings, higher education institutions are placing more accentuation than ever upon risk mitigation. Within the IT department at Southside Virginia Community College, risk management consists of processes and concepts to orchestrate, obviate, and successfully respond to emergencies in the agency’s daily operation. In order to be prosperous, these factors focus on human centered information security intertwining with the CIA security model involving all personnel to protect or disclose sensitive information.
Human-Centered Information Security Management
Information Security Specialists were a silo a decade ago and centralized. “The term ‘information security’ means protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction in order to provide integrity, confidentiality, and availability.” (Greene, 2014, p. 65) At SVCC, it’s now everybody’s responsibility regardless of their job description or department within this agency.
In a data-oriented culture, SVCC have a top-down approach to information security that starts with executives and upper management, and flows down to the rest of the agency. We share a belief that having, understanding, and using certain kinds of data and information plays a critical role in the success of this agency.
... middle of paper ...
...ncident, cyber incidents occur at computer speed, but the incident management takes place at human speed, another consideration that must be done in a secure audit.” (Paganini, 2012)
Educational records in a physical medium contains sensitive information directly related to the student and are maintained by an agency or institution or parties acting in or on its behalf. “Most of the information on organization and most of the information people really care about-isn’t about computers.” (Davenport, 1994) These media include anything handwritten, printed, computer generated, videotaped, audiotape, microfilm, microfiche, e-Mail. Documents with sensitive information such as applications, financial aid correspondence, and human resources must be stored in fireproof cabinets. Record retention for these types of documents have a life span of 7 years.
Need Writing Help?
Get feedback on grammar, clarity, concision and logic instantly.Check your paper »
- An abundance of information security and risk management theories are prevalent; however, it can be difficult to identify valid and applicable theories. In the reading to follow, several information security and risk management theories are evaluated. These theories are presented and employed via various frameworks, models, and best practice guidelines. An assessment of sufficient research pertaining to these theories is addressed, along with a consideration of the challenges that arise from a lack of research.... [tags: it security, risk management, nist]
1902 words (5.4 pages)
- Introduction Outsourcing is a technique for companies to reassign specific responsibilities to external entities. There are several motivations for outsourcing including organizational, improvement, cost, and revenue advantages (Ghodeswar & Vaidyanathan, 2008). The assignment research objectives were (a) to gain insight into securing strategic partnerships in the information technology (IT) arena; (b) to understand the choices made to reduce information and security risks by exploring the different outsourcing techniques, and; (c) to understand how business process associated with outsourcing will stimulate awareness on how the process is interlinked with human behaviors.... [tags: information technology outsourcing]
1798 words (5.1 pages)
- In the first place, many companies are currently on the same shape as International Produce, because they did not have a plan which can deal with confidentiality, integrity, and availability (CIA) related incidents. Not only, International Produce has no regulatory requirements that would have made incident response planning a priority, but also this company needs to understand that Incident response is not a standalone item, but must rest on a foundation of policies and an ability to properly determine what an incident is and when one has occurred.... [tags: Security, Computer security, Information security]
1257 words (3.6 pages)
- Risk Management pertaining to Homeland Security Introduction The U.S. Department of Homeland Security (DHS) manages the risk against America’s homeland. The DHS defends the Nation, its resources and its citizens against threats by using national risk management which decreases strategic risk against the homeland (U.S. DHS, 2014). Risk management is needed to confront daily national security threats and to keep America safe. Risk Management’s role in Homeland Security Risk management plays many roles in the operations pertaining to the homeland security enterprise.... [tags: Risk management, Risk, Decision making]
1112 words (3.2 pages)
- The increasing use of technology is the business sector has created the need for information security (IS) training. Training end-users on information security related items assists in the reduction of information risks that organizations encounter in the conduct of business operations. Furthermore, the absence of end-users training in information security will inevitably subject an entity to increased vulnerabilities that can render organizational security technologies and/or measures inept (Chen, Shaw, & Yang, 2006; Siponen, Mahmood, & Pahnila, 2009).... [tags: technology, internal auditing]
1890 words (5.4 pages)
- There are a variety of health settings that provide patient health services. With the use of health services there has to be some type of health information exchange or system that will enable users to exchange data. Today there are networks that do this. Some of these networks are Community health information network (CHIN), Regional health information network (RHINO), National Health Information Network (NHIN) and Health Information technology for economic and clinical health act (HITECH Act).... [tags: Electronic health record, Health informatics]
1004 words (2.9 pages)
- The healthcare information system (HIS) requires test reports to be delivered to physicians, laboratories and patients within specified time. In a healthcare environment certain test results need instant notification and attention. It is inefficient to use paper based reports in large hospital organizations where medical practitioners are overwhelmed with huge number of patients under their care. This medical practitioners can take the advantage of networked computers or personal digital assistants (PDA) to get notified to the events they are interested in or any crucial notifications.... [tags: Healthcare Information Systems]
2345 words (6.7 pages)
- Business, Management, and Leadership Antioch University Midwest’s approach to your education is personalized and transformative. Classes are small and collaborative; and our accomplished faculty will engage you on an individual level that demonstrates how we value the personal experience you bring to the classroom. With our evening and weekend classes, you can set your own pace and design a schedule that fits your specific needs Our Business, Management, and Leadership programs develop principled business professionals who are prepared to lead.... [tags: Management, Project management, Bachelor's degree]
922 words (2.6 pages)
- Evolution of Management In this paper I will be explaining the evolution of management from the beginning of the industrial revolution to present which includes Classical School of Management, the Human Relations/ Behavioral School of Management, Theory X and Y, the Scientific Approach, Contingency Approach, and Theory Z.... [tags: Organization Management Industry]
1836 words (5.2 pages)
- Academic Paper Review Stephen P.Robbins. (2005). Organizational Change and Stress Management,546-580 Robbins begins the chapter with a strong discussion on the needs for the Organisational Change as such nature of workforce, technology, economic shocks, competition, social trends and world politics. With the current world multicultural environment, technical innovation, economic crises, global competitions, structural adjustments as part of social trends and with the unhealthy politics practice and understanding, all requires an organisations to change and develop ultimately.... [tags: Management, Change management]
1137 words (3.2 pages)