IT Security and Governance Term Paper

Open, View, and/or
Download this Document

Total Length: 938 words ( 3 double-spaced pages)

Total Sources: 1+

Page 1 of 3

Mitigating Risk for Information Technology

The risk management plan to deal with the situation for this particular assignment is two-fold in nature. Specifically, it is designed to account for the external breach of the company based on its information technology security. Additionally, it must encompass critical facets of data governance which can rectify the weak access-control policies that were taken advantage of for an internal breach. As such, the risk-management policy will address both of these issues holistically through a comprehensive approach that considers data management and data governance in a way that encompasses security measures. The resulting governance mechanisms that are advocated as part of this policy should unequivocally reduce the risk of data breaches, both internally and externally.

It is important to understand just how effective data governance can ameliorate the two security issues described in this assignment prior to formalizing it as part of this risk-management policy. Data governance is a long-term program for data management that offers a formal accountability of the rules, roles and responsibilities that are required for sustainable and orderly access of data as an organization wide asset. At a high level, then, it is necessary to create a data governance council consisting of both domain experts and upper level management to determine the sort of policies necessary to prevent data breaches and orderly management of data. It is also vital to assign data stewards to ensure that the policies determined are readily enforced; typically stewards should encompass members of both IT departments as well as the business.

Stuck Writing Your "IT Security and Governance" Term Paper?

View All Our Example IT Security and Governance Term Paper

Have A Custom Example Essay Written

In regards to the sort of unauthorized access of data in the internal breach for this assignment, the aforementioned councils and stewards are responsible for ensuring that data is accessible on a need-to know basis that is codified not only by one's business or organizational domain, but also by one's particular job function. At the implementation level, there are a number of governance tools and vendor solutions that can facilitate this sort of role-based access -- which is a hallmark of effective data governance, whether information is stored internally or externally, on an organization's physical premises or in the cloud. Moreover, some of the more competitive governance solutions also offer a degree of traceability and data lineage so that it is possible to discern who has accessed what data, what changes they made to it, and even what actions they took next from the same computer. Again, these solutions also offer portals so that IT professionals can have an oversight layer of data governance to view what data employees are accessing and how, which can greatly mitigate the risk of internal breaches due to unauthorized data access.

The data governance policies and procedures outlined in….....

Show More ⇣

     Open the full completed essay and source list


OR

     Order a one-of-a-kind custom essay on this topic


sample essay writing service

Cite This Resource:

Latest APA Format (6th edition)

Copy Reference
"IT Security And Governance" (2015, August 29) Retrieved July 7, 2025, from
https://www.aceyourpaper.com/essays/security-governance-2152479

Latest MLA Format (8th edition)

Copy Reference
"IT Security And Governance" 29 August 2015. Web.7 July. 2025. <
https://www.aceyourpaper.com/essays/security-governance-2152479>

Latest Chicago Format (16th edition)

Copy Reference
"IT Security And Governance", 29 August 2015, Accessed.7 July. 2025,
https://www.aceyourpaper.com/essays/security-governance-2152479
   

Open, View, and/or
Download this Document
order custom essay example