Week 3: Importance of IT Governance Systems

Within the modern business environment there is a daily exchange of sensitive information between organisations and; employees, suppliers, customers etc. The best way to manage the continual threats of fraud risk is the proper implementation of IT governance systems (Antonakopoulou, 2012). 

Although having up-to-date access control measures in place is important, it would be foolish to purely rely on it. For example: your business may have strict access control measures in place which require multi-factor authentication. However, most devices may only require a short pin or a simple question about yourself. Within the current environment this kind of information is far too easy to access. On top of this there is also the large problem associated with human error. How many times have you had to write down a password, just because you struggle to remember it? All it takes is one person to look over your shoulder or fish it out a bin to gain access to the companies most private information.

These continual threats in the digital world mean businesses must implement secure IT systems to mitigate the risk. The COBIT 5 enabler; “Policies, Principles and Framework” is vital in ensuring proper controls are in place for your business. The appropriate implementation of this enabler will give management a clear direction around information security and provide employees with clear guidelines to follow when handling company information (i.e., not writing down their passwords). In order to continue to protect your business you should implement: multi-factor authorisation for all employees, firewalls, trainings to raise awareness, security software, access controls etc. This will ensure protection against unauthorised users, non-access when required and improper modification (ISACA, 2012).

Additional Information: 

References 

Antonakopoulou, A. (2012). Leveraging Access Control for Privacy Protection. Privacy Protection Measures and Technologies in Business Organizations: Aspects and Standards, 65-94.

ISACA. (2012). COBIT 5 for Information Security. Schaumburg: The Information Systems Audit and Control Association.

IDG Techtalk. (2019, October 08). What is IT Governance? [Video]. Youtube.