Verified Document

Justifying Security To Management Term Paper

Justifying Security in the Business World Today Having a good security policy, from screening prospective employees to protecting vital corporate data, can be costly for a company. But good security acts like an insurance policy. Ideally, a company does not want to have to use the full capacities of its security system. But if a security system is not present, then complications, when they do arise, can be disastrous to the immediate health and welfare of employees and the long-term future of the company. Thus, security personnel who are selling security systems, devices, technology, or services to a company often find themselves in the unenviable position of a life insurance salesman or woman -- they have to convince a company that the initial cost is justified, because of the risks that lie ahead if the investment is not made in the here and now, and they have to bring up the difficult and thorny issues of possible losses if the systems are not implemented.

How Security Systems are Effective in Generating Profits

Security investments may seem like costs initially, rather than areas of profits because the benefits of security are not immediately tangible, or calculable. But individuals are more willing to invest in companies that have secure systems in terms of auditing and information protection. A consumer is more likely to make use of a credit card from a company with a documented security policy. An employee is more likely to stay at a company where he or she feels safe and secure, working late at night....

Investors are more likely to part with their immediate cash, if they feel standard procedures in accounting are openly obeyed, when the company is calculating how the corporate finances are allocated.
Preventing Losses

Another way to justify the costs of security to management is loss prevention or mitigation and what is also called 'risk management.' In planning for the unexpected, companies have to weigh the risk vs. The cost of a contingency plan. When marketing security, the speaker must communicate a clear business case for investments in security, present the strategy in cost-effective language and layperson's terms. (Flynn, 2005) Robert Austin (2005) suggests putting high-tech language in this simple financial scenario on a personal level: if you knew "affordable lock technologies that provide better protection were available" for your home, and neighbors were being burgled in your area, would you consider it a savings not to make such an investment? Of course not, although a surprisingly large number of companies don't think the security of their IT infrastructure is all that important, as evidenced by the "48% of companies stringently control the applications that are installed on corporate computers." (Austin, 2005)

Austin states that such this kind of sloppiness in security "should be no more acceptable to responsible companies than is sloppiness in tracking inventory or cash in a company's bank account. When we stop thinking about information security as an esoteric problem and…

Sources used in this document:
Works Cited

"The ABCs of Business Continuity and Disaster Recovery Planning." CSO Online. Retrieved 26 Oct 2005 at http://www.csoonline.com/fundamentals/abc_continuity.html#1

Austin, Robert D. "Analyst Report: Information Security: Awareness is Spreading, but Not Fast Enough." CSO Online. Retrieved 26 Oct 2005 at http://www.csoonline.com/analyst/report3903.html

Flynn, Chris. (3 Jun 2005) "Value-Based Security." ASIS Website. Retrieved 26 Oct 2005 at http://www.asisonline.org/newsroom/pressReleases/index.xml
Cite this Document:
Copy Bibliography Citation

Related Documents

Security - Agip Kazakhstan North
Words: 14948 Length: 35 Document Type: Term Paper

They need to know what their responsibilities are not only as individuals but also as team members and corporate employees. David cites an excerpt from a corporate security document that illustrates his point: "A security policy serves many functions. It is a central document that describes in detail acceptable network activity and penalties for misuse. A security policy also provides a forum for identifying and clarifying security goals and

Security Plan Target Environment Amron International Inc.
Words: 2339 Length: 6 Document Type: Essay

Security Plan Target Environment Amron International Inc. Amron International Inc. is a division of Amtec and manufactures ammunition for the U.S. military. Amron is located in Antigo, Wisconsin. Amron also manufacturer's mechanical subsystems including fuses for rockets and other military ammunitions as well as producing TNT, a highly explosive substance used in bombs. Floor Plan Target Environment The target environment in this security plan is the manufacturing operation located in Antigo, Wisconsin, a

Security Career
Words: 1246 Length: 4 Document Type: Essay

security career is varied, offering people wishing to pursue this option with jobs like security guard, loss prevention specialist, crossing guard, deputy sheriff, even security management specialists. The cross fields and some need special training as well as a degree for a person to gain access too, not to mention, some jobs requires prior experience, at least one year. With that said, the most in demand and easy to

Performance Appraisal Security Management
Words: 607 Length: 3 Document Type: Essay

Q1. Discuss specific reasons why personnel appraisals serve the interests of the organization. Even in the most technologically-driven organizations, personnel appraisals are critical for ensuring high levels of quality control. Humans are still the primary operators of technology, and without good people at the helm, appropriate security protocols will not be enforced. People need to know on a regular basis how they are performing and usually desire feedback. Ideally, this feedback

Analysing Different Security Management Issues
Words: 662 Length: 2 Document Type: Essay

How has the Securities and Exchange Commission (SEC) improved reporting measures for publicly held companies? What are the weaknesses in SEC procedures? The SEC has amended its reporting requirements in order to eliminate, modify, or integrate certain disclosure rules. These changes are aimed at improving disclosure effectiveness. Simplifying compliance without the need for significantly altering the total mix of information that is provided to the investors. Improving this reporting measures will

Security Self-Assessment Coyote Systems Security
Words: 2030 Length: 7 Document Type: Thesis

The management control area of authorize processing including certification and accreditation has been defined within Coyote Systems through the use of roles-based logins and access privileges and the use of certification of role-based access to ensure security. The company has found that through the use of role-based security authentication and the defining of rights by role, the certification and accreditation audits are far more efficient in being completed, and provide

Sign Up for Unlimited Study Help

Our semester plans gives you unlimited, unrestricted access to our entire library of resources —writing tools, guides, example essays, tutorials, class notes, and more.

Get Started Now