As the Chief Information Security Officer (CISO) of the organization, I realize that I have the responsibility of directing staff during their daily activities to ensure that the organization's assets are well protected. However, directing members of staff on matters related to Information Technology depends on multidisciplinary and rationalized operations (Ann-Louise, Franc, Werner, Scott, Carsten, Frank & Rudy, 2010).
The basic and most significant regulation is to ensure there is data accountability in every department involved in data handling. This would include measures to facilitate data security and privacy. I can implement strategies such as recording and storing information in non-erasable and non-writable mass storage devices for safekeeping. Additionally, I would ensure that data is constantly checked to determine whether it is correct and up to date.
With the threats of sabotaging communication, banks and other communal facilities impose heavy penalties that can encourage members of staff to follow the recommended compliance tools in my organization. I would abide by the rules set to avoid the serious consequences seen in other organizations. For instance, individuals with allegations such as stealing identities, civil damages, and harassment may sue the organization. Therefore, this would help to reduce scandals that may involve accounting departments.
In conclusion, I would advocate for the Sarbanes-Oxley Act as my organization's compliance tool since it is the best in providing set rules and regulations that are observed by those in charge of every department (EMA, 2011). It regulates those in the accounting department to ensure they constantly update a record on non-erasable or rewritable storage devices. Moreover, this can help to ensure that the recording of communication data involves not only electronic communication but also other forms of communication such as e-mails, messaging, or even phone calls.
Ann-Louise B., Franc C., Werner F., Scott H., Carsten L., Frank M., & Rudy T. (2010). IT Security Compliance Management Design Guide. In Axel B., Jose A., David D., Carsten L., Muehlenbroc & Rudy, T. (Eds.), IBM Corporation. New York: Redbook publishers.
EMA. (2011). IT Business Management Comes of Age: An Enterprise Management Associates. White Paper. Web.