
When a security standard conflicts with a business objective, there are a few questions that need to be answered before making a decision:

1) Is the standard a law? If it is, then the business objective needs to be changed to comply. For example: companies that have as an objective to spam the maximum number of people will find that they are in conflict with the law - they cannot legally achieve their objective. You could decide to just accept the risk of getting busted for failing to comply with the law, but that is extremely unethical.

2) What are the consequences of failing to apply the security standard? What vulnerabilities will the information systems have if the security standards are not adhered to? Get an unbiased analysis.

In addition to the consequences of breaking the law already mentioned, some other risks might include:
- liability issues
- loss of business
- loss of reputation
- lawsuits for invasion of privacy
- lawsuits for failure to protect personal information
- loss of sensitive data
- disclosure of sensitive information to unauthorized entities, including competitors or opponents
- loss of ability to enforce corporate policies for computer use - depending on the security standard not implemented, a company may find they have no legal recourse against someone who misuses their computer resources
- co-opting of computer resources by outsiders - company computers might become part of a botnet
- etc.

3) What are the sources of threats to the computer systems?

4) Once risks and threats have been identified, quantify their impact if the risk comes to pass or the vulnerability is exploited.

5) Quantify the likelihood of each risk becoming reality.

6) For each risk, combine the impact and likelihood to produce an overall risk.

7) Identify options for risk avoidance (fixing the problem), risk mitigation (lessening the impact if it happens), or risk transference (such as insurance).

8) Determine the cost of each option for dealing with the risk and compare it to the cost of accepting each risk - weighted by the level of risk.

9) Modify the business objectives to adopt the best risk management strategy to address the identified risks.

Generally if an independent, unbiased risk assessment is made, the costs of risk acceptance compared to avoiding, mitigating, or transferring the risks will dictate some changes to the conflicting business objective. Sometimes the conflict can motivate a business to examine technologies and methods they had not previously considered in order to resolve the conflict. Sometimes the conflict between security and the business objective drives innovators and inventors to resolve the conflict by developing new technologies that can satisfy BOTH the security standard AND the business objective.


Wiki User

10y ago
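The following is an added worked example, not part of the answer above, showing steps 4 through 9 as a small risk register: each risk gets an impact and a likelihood, the two are combined into an overall risk figure, and the avoid/mitigate/transfer/accept options are costed against that figure so the cheapest total wins, except where the standard is a law (step 1), in which case compliance is forced regardless of cost. The multiplicative combination (impact times yearly likelihood) is an assumption, since the answer only says "combine", and every figure in the sample register is constructed.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Risk:
    """One entry in a risk register (steps 3-6 of the answer)."""
    name: str
    impact: float            # expected loss per occurrence, in currency units
    likelihood: float        # expected occurrences per year
    mandated: bool = False   # True when a law requires the control (step 1)

    def annual_expected_loss(self) -> float:
        # Step 6: combine impact and likelihood into a single risk figure.
        # Multiplying them is an assumption; the answer only says "combine".
        return self.impact * self.likelihood


@dataclass(frozen=True)
class Option:
    """One way of dealing with a risk (step 7)."""
    strategy: str        # "avoid", "mitigate", "transfer" or "accept"
    annual_cost: float   # direct yearly cost of the option
    residual: float      # fraction of the expected loss still borne (0..1)

    def total_annual_cost(self, risk: Risk) -> float:
        # Step 8: option cost plus the expected loss the option leaves behind,
        # which is how "accepting each risk" gets weighted by its level.
        return self.annual_cost + risk.annual_expected_loss() * self.residual


def choose(risk: Risk, options: list[Option]) -> Option:
    """Pick the option with the lowest total expected annual cost.

    A legally mandated standard short-circuits the comparison (step 1): the
    only admissible choice is the one that brings the system into compliance,
    modelled here as the 'avoid' option, however expensive it is.
    """
    if risk.mandated:
        return next(o for o in options if o.strategy == "avoid")
    return min(options, key=lambda o: o.total_annual_cost(risk))


def rank_by_risk(register: dict[Risk, list[Option]]) -> list[str]:
    """Order risk names by overall risk, highest first (output of step 6)."""
    ordered = sorted(register, key=Risk.annual_expected_loss, reverse=True)
    return [r.name for r in ordered]


def evaluate(register: dict[Risk, list[Option]]) -> dict[str, tuple[str, float]]:
    """Steps 8-9: for each risk, the chosen strategy and its yearly cost."""
    result = {}
    for risk, options in register.items():
        chosen = choose(risk, options)
        result[risk.name] = (chosen.strategy, round(chosen.total_annual_cost(risk), 2))
    return result


# Constructed sample register; names and numbers are illustrative only.
SAMPLE_REGISTER: dict[Risk, list[Option]] = {
    Risk("customer portal left unpatched", impact=200_000, likelihood=0.25): [
        Option("accept", annual_cost=0, residual=1.0),        # bear the full loss
        Option("mitigate", annual_cost=20_000, residual=0.2), # patching programme
        Option("transfer", annual_cost=15_000, residual=0.5), # insurance with excess
        Option("avoid", annual_cost=60_000, residual=0.0),    # decommission portal
    ],
    # A privacy law applies here, so step 1 forces compliance even though
    # accepting the risk would look cheaper on paper.
    Risk("marketing without opt-in consent", impact=80_000, likelihood=0.5, mandated=True): [
        Option("accept", annual_cost=0, residual=1.0),
        Option("avoid", annual_cost=45_000, residual=0.0),    # rebuild consent flow
    ],
    Risk("workstations recruited into a botnet", impact=30_000, likelihood=1.0): [
        Option("accept", annual_cost=0, residual=1.0),
        Option("mitigate", annual_cost=8_000, residual=0.3),  # egress filtering, EDR
    ],
}


if __name__ == "__main__":
    for name in rank_by_risk(SAMPLE_REGISTER):
        strategy, cost = evaluate(SAMPLE_REGISTER)[name]
        print(f"{name}: {strategy} at {cost:,.0f} per year")
```

Running the block ranks the portal risk highest (50,000 expected loss per year) and selects mitigation for it at a total of 30,000, while the consent risk is routed to the compliant option at 45,000 even though simply accepting it would cost 40,000; that is the step 1 rule overriding the step 8 arithmetic, which is the point the answer makes about legal standards.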
