Sign In
Not register? Register Now!
Essay Available:
You are here: HomeResearch PaperIT & Computer Science
55 pages/≈15125 words
53 Sources
IT & Computer Science
Research Paper
English (U.S.)
MS Word
Total cost:
$ 400.95

Project Implementation Of Information Security Management System In Wilmington Pharmaceuticals (Research Paper Sample)


Project implementation of Information Security Management System in Wilmington Pharmaceuticals


Project implementation of Information Security Management System in Wilmington Pharmaceuticals
This research is concerned with issues regarding information security management in Wilmington Pharmaceuticals led by the need for implementing effective information security management systems. The company has headquarters in Wilmington, North Carolina and is interested in implementing information security management system to protect its key infrastructure. The project will cover core issues in implementation process including analysis of the environment, modelling of the solution in the company, and evaluation of the value proposition of the project to the company.  Successful implementation of the system will provide the company with a systematic approach to managing risks and enables it to make informed decisions on security investments.
Regardless of company size and type, cyber security has become an enormous challenge in every operating environment. Nonetheless, what is more challenging is the fact that most organizations do not know where to start when dealing with threats characterized by cyber security breaches. According to Peltier (2016), very few companies have realized that the most reliable solution would be turning to international standards. Actually, studies indicate that only a mere 36% of modern day companies have acknowledged the foundational role of information security management system (ISMS) when dealing with cyber security issues (Galliers & Leidner, 2014). However, ISM provides an advantageous starting point for companies of all magnitudes and types. It is important to note that installation of ISMS minimizes chances of organizational collapse when attackers use the internet. This explains why the system has often been referred to as the nervous system of organizations. As such, when companies ignore the call to engage ISMS, they have little capacity to detect malfunctions. In the presence of such malfunctions, organizations are likely to face recurring crises within both internal and external environments (Disterer, 2013).
Scholars perceive the process of implementing ISMS in organizations as one that is characterized by multifaceted approaches. For instance, organizations seeking to protect their frameworks through ISMS implementation should first consider the legalities attached. According to Whitman and Mattord (2013), over 44% of modern-day corporations have forgone implementation because of the numerous legal requirements entrenched. More importantly, a careful consideration of benefits that would be brought about by adopting ISMS. In most cases, organizations pursue the system to enhance compliance, promotional activities, reduce costs, and to optimize their business processes (Soomro, Shah & Ahmed, 2016). Further, it is essential that companies consider the issue of risks and mitigation through systematic research to identify their pronounced deficiencies and determine in advance practical ways of handling unanticipated occurrences. Prior to ISMS implementation, organizations are also supposed to analyze their environments to determine the suitability of their select systems (Whitman & Mattord, 2011).
According to Peltier (2016), ISMS connotes a methodical approach used to facilitate inaugurating, implementing, operating, evaluation, reviewing, maintenance, and enhancement of organizational competence in matters of information security. However, unless ISMS implementation takes place under consideration of organizations corporate objectives the system may contradict and jeopardize efficiency in routine operations. Regardless of the benefits attached to implementation of such systems, some organizations have negated the essence of pursuing a formal ISMS. According to Whitman and Mattord (2013), this is because such organizations believe that their current strategies and technology provide them with the control necessary for avoiding cyber-attacks. Although this might be true, escalating improvements in technology always present new threats and challenges that cannot be handled without ISMS systems. One of the greatest benefits of using ISMS in an organizational context is that the system covers all-important aspects in information security. As Peltier (2016) opines, it takes protection beyond the scope of antivirus software encompassing processes, people, and supportive IT systems heightening organizational levels of security. On the other hand, it is vital to acknowledge the fact that the success of ISMS is determined by efficiency of company processes as well as the commitment of people managing the systems.
Organizations that have neglected ISMS operate precariously since the levels of coordination availed by such systems are impossible to achieve even in light of well-organized organizational processes (Disterer, 2013). This is because ISMS allows companies the advantage of coordinating their security efforts using both physical and electronic approaches. Consequently, not only is coordination made easier but it also becomes possible for organizations to attain unto higher echelons of coherence, consistency, and cost-effectiveness (Whitman & Mattord, 2011). More importantly, ISMS serves the purpose of creating superior work practices in an organization. Such practices are vital since they support the use of other strategies put in place to promote attainment of business objectives. As Stamp (2011) observes, ISMS helps companies to come up with asserting responsibilities as well as procedures with which workers have to comply. Bearing in mind that most organizations are profit-oriented, a careful review of whether ISMS systems will help improve productivity and profitability should as well be carried out.
After successful implementation, ISMS should establish at the organizational level an outline of policies, actions, guidelines, and resources associated joint management for efficient protection of available resources (Stair & Reynolds, 2013). This means that workers within a company are assigned specific roles to enhance system maintenance and enhanced security. It therefore follows that proper implementation should culminate in a determination of the extent to which routine activities support the systems sustainability and efficiency. According to Stamp (2011), when properly implemented ISM brings together different operational elements. This makes it possible for companies to utilize their competencies towards more secure frameworks. However, Whitman and Mattord (2013) argue that implementation projects in over 65% of companies have failed to produce anticipated results because of negating asset evaluation. In similar cases, organizations have evaluated assets that are not related to information processing. It therefore follows that the process of implementing ISMS shoul...

Get the Whole Paper!
Not exactly what you need?
Do you need a custom essay? Order right now:

Other Topics:

Need a Custom Essay Written?
First time 15% Discount!