Contents
Q10-5 How Can Technical Safeguards Protect Against Security Threats? 433
Identification and Authentication 433
• Ethics Guide: Securing Privacy 434
Single Sign-on for Multiple Systems 436
Encryption 436
Firewalls 437
Malware Protection 438
Design for Secure Applications 440
Q10-6 How Can Data Safeguards Protect Against Security Threats? 440
Q10-7 How Can Human Safeguards Protect Against Security Threats? 441
Human Safeguards for Employees 441
Human Safeguards for Nonemployee Personnel 443
Account Administration 444
Systems Procedures 445
Security Monitoring 446
Q10-8 How Should Organizations Respond to Security Incidents? 447
Q10-9 2026? 448
• Security Guide: EMV to the Rescue 450
• Guide: Phishing for Credit Cards, Identifying Numbers, Bank Accounts 452
Case Study 10: Hitting the Target 456
11: Information Systems Management 461
Q11-1 What Are the Functions and Organization of the IS Department? 463
How Is the IS Department Organized? 464
Security Officers 465
What IS-Related Job Positions Exist? 465
Q11-2 How Do Organizations Plan the Use of IS? 467
Align Information Systems with Organizational Strategy 467
• So What? Managing the IS Department 468
Communicate IS Issues to the Executive Group 469
Develop Priorities and Enforce Them Within the IS Department 469
Sponsor the Steering Committee 469
Q11-3 What Are the Advantages and Disadvantages of Outsourcing? 469
• Ethics Guide: Privacy Versus Productivity: The BYOD Dilemma? 470
Outsourcing Information Systems 472
International Outsourcing 473
What Are the Outsourcing Alternatives? 474
What Are the Risks of Outsourcing? 474