Discuss how security requirements can be linked to business requirements - Essay Example

The battle is on for finding out the efficient ways and design methodologies that can analyze the security risks and implement the appropriate mitigation solutions. As, every event or technique has a better impact and a worse impact, the technologies that speed up the business processes are also prone to increase risks of computer intrusion, fraud, disruption and many more. A successful organization not only relies on finding innovative solutions or products but also on the effective implementation of those solutions.

Here, technology plays a major role as these technological developments can make the implementations simpler, providing a wide range of choice. But the question arises so as to which is the right choice This can only be answered by thorough research on the cost, stability and reliability of the technology to be used (WALSHAM, 1993). The Information System of the firm should be able to process this task by taking the external (technology functionality) and internal (business environment) entities into account.

Thus, the understanding and integration of technological innovations plays a key role in the modeling of any Information System to support the business goals and strategies. . The organization has to analyze all the possibilities and provide the solution that is technological stable and cost-effective, to implement, maintain and modify in future.Security Management and ResponsibilitiesData OwnerEach Line Department of the company, with its own computing facilities will appoint a senior member of the staff as Data Owner.

The responsibilities of the Data Owner include:Data subject enquiry procedures.To ensure that all licenses to use systems and software is accurate, available and purchased according to financial regulations.Preparing details of who can access what information, how and when, according to the particular classification of staff and information.Ensuring that all systems are maintained in effective and controlled manner.Ensure appropriate training of staff in systems and applications use.Those systems which are operated throughout the company should also have a designated Data Owner.

Data Owners across the company will be advised by the Head of ead HeadInformation Compliance and Policy. With the existing systems, advice is available to help data owners meet their responsibility in complying with the Information Security Policy. Systems DevelopmentAll systems must comply with the main IT strategy developed for the company by the IT team. Mark Walker, a senior systems analyst, states that an IT strategy is the single most crucial factor for the success of an organization dependent on IT for its operations (Walker, 2000).

All system developments must include security issues in their consideration of new developments, seeking guidance from the Head of Information Technology.Management ResponsibilitiesThe management plays the most important part in building a successful