Retrieved from https://studentshare.org/human-resources/1440935-week
https://studentshare.org/human-resources/1440935-week.
There are lots of information assets that have to be protected within the information system of an enterprise. The purpose of this paper is to describe the controls for information technology (IT) reporting and evaluation. One of the most valuable information assets that must be safeguarded is the employee personal files. The law protects the employees and it is the duty of the company to have 100% assurance that this information is not leaked or fall into the wrong hands because the workers could become victims of identity theft.
There are two facets to protecting the personal files of employees. The first aspect is the manual paperwork that most companies keep with employee information. Those files cannot be kept in filing cabinets where anyone could have access to them. These files must be kept in a separate room that is locked at all times. The only persons that should have access to the information are the director of human resources and his or her staff. The second aspect of safeguarding this important information asset is the protection that needs to exist within the computerized information system of the company.
The computerized information system of a company must be divided in modules. Each module should be independent of each other. For instance engineers would not have access to the accounting module and vice versa. . erk with the level of clearance system would be a low level clearance employee which means his access within the accounting module of the information system would be limited to the payable work the person performs for the company. “Two major reasons why we need to protect information assets are (1) the potential for compromises of such assets, unintentionally or otherwise, and (2) compliance with regulatory requirements concerning information protection and communication (Raval & Fichadia, 2007).
There are certain information assets that are so valuable companies that to take extreme measures to protect them. An example of such an asset is patents. Any paper work of a patent should be kept in a safe in the office of the chief executive officer (CEO). The CEO should then decide which employees can be given access to that privilege information. In terms of any digital information concerning patents the system of establishing clearance that gives access to the system is a good way to ensure the information is not leaked into the wrong hands.
The top level of clearance within the information system of a company should be given to the CEO and the board of directors. The executive managerial staff would fall to the next level of clearance. The managers or directors of different department would have maximum clearance within their pertinent modules such as accounting, marketing, human resources and engineering, but they would not have full clearance for other modules within the system. It is imperative to avoid compromises of the IT system.
An example of a compromise would be the unlawful entrance of a hacker into the information system of the company. If an attack occurs the entire system becomes compromised. At that time the IT department has to take measures to find out
...Download file to see next pages Read More