Over the past few months, the OIG shorts series focused on structuring and implementing a comprehensive and effective ethics and compliance program. Many times, this requires a mindset shift from a checking-the-box mentality to a wholistic approach in which everyone feels they have an important role to play. Nowhere is this more apropos than in the area of cybersecurity including developing a data security strategy and maintaining an effective incident response plan.
This post focuses on the importance of developing and implementing practical Information Security policies and procedures within your organization as well as the ethical and legal obligations you have to protect your organization’s sensitive data. Our next post will cover the vital role cyber incident response planning plays – not only in the aftermath of a cyber-attack, but in preventing many such attacks.
The security of your organization’s information systems and the data stored within are essential components of virtually every aspect of your business. Your data needs to be trustworthy, readily available as needed for the business, and only accessible by authorized…
