Tamanho da fonte: 

If it is true that modern organizations are more and more dependent on Information Technology (IT), a systematic concern with information security and computing systems is expected. The information technology has undergone a great change in the last years, caused mainly by the impact of Internet. The 70s and 80s centralized model gave place to the distributed model, creating complex ambients, heterogeneous and highly integrated. This scenery information protection will be only possible through a corporate model of security management, together with the minimal impact possible. A model of a well based security corporate management must be constituted of a well positioned organizational structure in the organization chart plus a strategic security view. The use of tools and methodologies well established in the market by international organizations is fundamental. Among them, Risk Management should be highlighted. An information security policy closely linked to technological aspects, such as virus combat and hacker and cracker attacks is predominant in the market, limiting the actions to the IT Department, which assumes the role of police in many situations, with little aggregate value for the business processes and activities. The information security management should approximate several productive process participants, promoting cooperation and collaboration for all.

Information; security; management; IT; risk.