Assessing information security vulnerabilities and threats to implementing security mechanism and security policy audit

Abstract

In spite of the massive investment of money, time and efforts an organization devotes to growth and enhancement with continuous improvements of a sound information security strategy, the human factor is ultimately and eventually the one behind the keyboard. As a result, human beings remain the most vulnerable and weakest entity in the information security chain. A negligent and irresponsible in-house employee can be a threat even to the most breath-tight secure environment, an organization built to keep intruders away from unauthorized access. Information security is considered to be one of the most necessary and crucial issues of the field, with the rapid changes in the information technology that takes place every day and with the business models chasing it and trying to catch up, recently and for a while, it has become one of the most interesting fields to technology and business communities.