2. Chapter One
Information Policy
Government information
Freedom of Information
Public Information
Information privacy
Information policy and the stakeholders
Information security or Data Protection
04/12/14 2
3. Information policy
Information policy
Information
• The importance of information in our society can hardly be over
estimated.
• As we increasingly recognize the critical nature of information
policies that affect information creation, organization, use and
dissemination become equally, critical.
• Information is essential to our participation in deciding how to vote,
where to live, how to find a job, organizing life long learning and
planning our retirement and all depend on timely access to
information.
04/12/14 3
4. Information policy Cont”
Policy
• defined as a plan or course of action used by an organization to
convey instructions from its senior most management to those who
make decisions, take actions, and perform other duties on behalf of
the organization.
• Polices are organizational laws in that they dictate acceptable and
unacceptable behavior within the context of the organization's culture.
• Like laws, policies must define what is right, and what is wrong, what
the penalties are for violating policy, and what the appeal process is.
04/12/14 4
5. Information policy Cont
• A policy defer from standards, Standards are more detailed
statements of what must be done to comply with policy.
• Policies are considered as the basis for all information security
planning, design, and deployment.
• Policies do not specify the proper operation of equipment or
software. This information should be placed in the standards,
procedures and practices of users' manuals and systems
documentation.
• Policy can be an individual matter or an official enactment.
04/12/14 5
6. Information policy Cont
Public policy
• Public policy on the other hand is a form of law made by the
governing bodies of organizations:
– to govern,
– direct,
– control, and
– regulates members of the organization.
• It can take the form of laws passed by the legislature, decisions of
government or boards of directors of public corporations, private
companies, or even instructions or directives issued by departments.
• Public policy is usually a product of a bureaucracy to regulate
government actions and programs.
04/12/14 6
7. Policy making
• Policy making refers to the process of making important
organizational decisions, including the identification of
different alternatives such as programs or spending
priorities, and choosing among them on the basis of the
impact they will have.
• It could be understood as a political, management,
financial, and administrative mechanisms arranged to
reach explicit goals.
04/12/14 7
8. Policy content
• Policies are typically promulgated through official
written documents.
• Policy documents often come with the endorsement or
signature of the executive powers within an organization
to legitimize the policy and demonstrate that it is
considered in force.
• Such documents often have standard formats that are
particular to the organization issuing the policy.
04/12/14 8
9. Policy content (cont.)
• While such formats differ in form, policy documents usually contain
certain standard components including:
– A purpose statement, outlining why the organization is issuing
the policy, and what its desired effect or outcome of the policy
should be.
– An applicability and scope statement, describing who the policy
affects and which actions are impacted by the policy. The
applicability and scope may expressly exclude certain people,
organizations, or actions from the policy requirements.
Applicability and scope is used to focus the policy on only the
desired targets, and avoid unintended consequences where
possible.
04/12/14 9
10. Policy content (cont.)
– An effective date which indicates when the policy comes into
force. Retroactive policies are rare, but can be found.
– A responsibilities section, indicating which parties and
organizations are responsible for carrying out individual policy
statements. Many policies may require the establishment of some
ongoing function or action. For example, a purchasing policy
might specify that a purchasing office be created to process
purchase requests, and that this office would be responsible for
ongoing actions. Responsibilities often include identification of
any relevant oversight and/or governance structures.
04/12/14 10
11. Policy content (cont.)
Policy statements indicating the specific regulations,
requirements, or modifications to organizational behavior that the
policy is creating. Policy statements are extremely diverse
depending on the organization and intent, and may take almost any
form.
Some policies may contain additional sections, including:
Background, indicating any reasons, history, and intent that led to
the creation of the policy, which may be listed as motivating
factors. This information is often quite valuable when policies
must be evaluated or used in ambiguous situations, just as the intent
of a law can be useful to a court when deciding a case that involves
that law.
Definitions, providing clear and unambiguous definitions for terms
and concepts found in the policy document.04/12/14 11
12. Types of library and information center policies
Aside from collection development policies, libraries and information
centers need policies that address issues such as types of resources to
support the organization, licensing issues, and user access.
Other policy topics include how and which resources should be
cataloged, placed in a content management system or subject guide, or
added to an EDRM system.
The development and use of policies is critical in electronic resource
management and for communicating a library or information center’s
goals.
04/12/14 12
13. Types of library and information
center policies (cont.)
• Examples of policies in libraries and information
centers:
– Collection development policy
– Communication and information policy
– Staff training and development policy
– Health policy
– Housing policy
– Human resource policies, etc.
04/12/14 13
14. Collection Development Policy (CDP)
• For the purpose of this lecture, the Collection Development Policy
shall be used as an example.
• A collection development policy in a library or information center is
defined as a guide for the acquisition librarian on what should be
bought, for who and how the materials are to be acquired.
• The policy statement of the Collection Management Policy is to
provide a planning document to organize and guide the process of
acquiring and providing access to print and electronic information
resources and to manage their growth, maintenance, preservation,
withdrawal and cancellation.
04/12/14 14
15. CDP (cont.)
• It will be reviewed and revised periodically, as needed.
• A policy statement in a library or information center environment is
defined as a kind of framework and set of parameters within which
staff and users work. It serves many functions beyond being merely a
tool for selection of materials:
– It provides a theoretical overview that explains the educational,
social, and cultural rationale for the development of the collection.
– It also states directions, guidelines, controls, and standards for the
overall management of the collection.
04/12/14 15
16. CDP (cont.)
– In addition to describing current collections, it forces the staff
involved to (re)consider the aims and objectives of the
organization, both long and short term, and the priorities to be
attached to different activities.
– It assists with budgeting,
– Serves as communication channel within a library and between the
library and outside constituents,
– Supports cooperative collection development,
– Prevents censorship, and
– Assists in overall collection management activities, including the
handling of gifts, de-selection of materials and serial cancellations.
04/12/14 16
17. CDP (cont.)
Gardner (1981) suggested that there should be a written collection
development policy statement that is intended to:
1. Force staff to think through library goals and commit themselves
to these goals helps them to identify long- and short- range needs
of users and to establish priorities for allocating funds.
2. Help assure that the library will commit itself to serving all parts
of the community, both present and future.
3. Help set standards for the selection and weeding of materials.
4. Inform users, administrators, and other libraries of collection
scope and facilitate coordination of collection development
among institutions.
04/12/14 17
18. CDP (cont.)
5. Help minimize personal bias by selectors and to highlight
imbalances in selection criteria.
6. Serve as an in-service training tool for new staff.
7. Help assure continuity in collections of any size and provide a
pattern and framework to ease transition from one librarian to
the next.
8. Provide a means of staff self-evaluation, or for evaluation by
outsiders.
9. Help demonstrate that the library is running a business-like
operation.
10. Provide information to assist in budget allocations.
11. Contribute to operational efficiency in terms of routine
decisions.
12. Serve as a tool of complaint handling with regard to inclusions
or exclusions.
04/12/14 18
19. Reasons for a written collection
development policy (RWCDP)
The library or information center’s primary task is to:
select,
maintain, and
provide access to relevant and representative information
resources.
Due to technological developments, libraries or information centers are,
in the main, moving from holdings (‘just in case’) to access (‘just in
time’) strategies. This implies that collecting policies are significantly
changing and that libraries and information centers need to
disseminate widely information on their collecting policies.
04/12/14 19
20. RWCDP (cont.)
• The main reasons for having a written collection development policy
can be put under four broad headings:
1. Selection: The primary function of a written collection
development policy is to provide guidance to staff when selecting
and deselecting (printed and non-print) resources for the
collection. The document serves as a guideline for each stage of
materials handling. It might cover the selection, acquisition,
processing, housing, weeding, retention, preservation (archiving in
case of electronic and digital resources), relegation and discard of
all types of library material in the relevant subjects, with reference
to specified levels of collection depth and breadth.
04/12/14 20
21. RWCDP (cont.)
• This reduces personal bias by setting individual
selection decisions in the context of the aims of
collection building practice, and identifies gaps in
collection development responsibilities. It ensures
continuity and consistency in selection and revision.
Moreover, it clarifies the purpose and scope of the
collections, and allows selection decisions to be
evaluated by, for example, identifying what
proportion of in-scope published material has been
acquired. Such a reference guide reduces the need of
selectors to raise recurrent questions, and assists in
the training of new staff. It also provides useful
information to other library staff whose work is
collection based.
04/12/14 21
22. RWCDP (cont.)
2. Planning: A policy document provides a sound foundation for
future planning, thereby assisting in determining priorities,
especially when financial resources are limited. This provides a
basis for the fair allocation of resources, and helps to protect library
funds by explaining the rationale behind acquisitions bids. Having a
formal publication to refer to ensures continuity and avoids
confusion. Compilation of a formal document is beneficial in itself,
in that it involves acquiring knowledge of existing collection
strengths, and obliges staff to reflect on the library's goals. The
stated aims help other collection-related activities such as
cataloguing, preservation and storage to form a coherent strategy,
and support reader services, for example by identifying areas that
are ripe for de-selection, or more suitable for inter-library loan,
document delivery or Internet access than for acquisition.
04/12/14 22
23. RWCDP (cont.)
3. Public relations: Formal policy statements can be
useful in making the case for the library when
dealing with both its users, administrators and
funding bodies. They support the stated objectives of
the organization, demonstrating accountability and
commitment to agreed goals. Ideally, the compilation
of the document requires the active participation of
both users and administrators, thereby improving
communication between the library and its clientele.
04/12/14 23
24. RWCDP (cont.)
4. The wider context: As individual libraries or information centers
are increasingly unable to provide all their services by themselves,
they are banding together into cooperatives, alliances and
consortia. For these ventures to work, there must be mutual
knowledge and agreement on which library is collecting what. A
written collection development policy therefore often serves as a
basis for wider cooperation and resource sharing, whether in a
locality, region, country, or even internationally.
04/12/14 24
26. Government information
ContGovernment information
• Government information is those information materials produced by
the government of a country and made available to its citizens through
legal deposit libraries. Eg, there are more than 1200 "depository
libraries" for U. S. government information.
• Governments is the largest producers of information in a country.
These same governments, (federal, state, local) are also desperately
looking for revenue.
• Two sources of revenue under consideration are selling government
information to the private sector for repackaging and resale or to
charge the public directly.
04/12/14 26
27. Freedom of Information
Freedom of Information
• Freedom of information allows individuals to request a wide range of
government information that may not normally be available.
• The Federal Government of countries of the world have some version
of this legislation although the degree of access varies widely.
• Freedom of information legislation is important because it can open
the operations of government to public study.
• The legislation requires that there is improved access to government
information with very limited exemptions to the release of
information by government to its citizens.
• It is an important component of the internationally guaranteed right to
freedom of expression, which includes the right to seek and receive,
as well as to impart, information and ideas of all kinds regardless of
frontiers.
27
28. Freedom of Information cont’
• The unequivocal importance of freedom of information was
recognized during the first session of the United Nations General
Assembly in 1946, which adopted Resolution No. 59 (1) stating that:
• ‘Freedom of information is a fundamental human right and the
touchstone of all the freedoms to which the UN is consecrated.’
• Eg, the Ethiopian Constitution in article 29 of proclamation
178/1999 guarantees right of thought, opinion, freedom of expression
and the press in the following terms:
• 1. Everyone has the right to hold opinions without interference.
• 2. Everyone has the right to freedom of expression without
interference.
04/12/14 28
29. Freedom of Information
Cont• This right shall include freedom to seek, receive and impart
information and ideas of all kinds, regardless of frontiers, either
orally, in writing or in print, in the form of art, or through any media
of his choice.
• 3. Freedom of the press and other mass media and freedom of artistic
creativity is guaranteed. Freedom of the press shall specifically
include the following elements:
• a) Prohibition of any form of censorship
• b) Access to information of public interest.
04/12/14 29
30. Freedom of Information cont’
• 4. In the interest of free flow of information, ideas and opinions which
are essential to the functioning of a democratic order, the press shall,
as an institution,
• Proclamation No. 178/1999, published on 29 June 1999 (Federal
Negarit Gazeta 5th Year No. 62).
• According to Article 19 of Global campaign for free expression on the
legal framework for freedom of expression in Ethiopia, there is no law
guaranteeing access to information in Ethiopia other than the general
principle laid down in the constitution and a brief article in the Press
law.
04/12/14 30
31. Information privacy
Information privacy
• Personal privacy has very much been affected by the internet.
• Eg, there is a great deal of information about individuals available on
the internet.
• Currently, a substantial amount of information can be and is collected
on the internet about individuals, often without the knowledge of the
individual.
• Perhaps some of it is advantageous, e.g. when a favorite shopping site
presents items probably of interest, but what about insurance
companies discovering that you visit certain sites providing
information on particular diseases in order to affect your insurance
coverage or rates?
04/12/14 31
32. Information privacy
Cont• The laws affecting privacy stem both from the federal and state
constitutions and statutes and from common law principles.
• Computers and telecommunications make it possible for
governments and corporations to collect vast amounts of
information on individuals.
• Protection of personal information is an important concern for
most people.
• Personal privacy protection legislation ensures that you know
what information the government is collecting about you; that it is
only collected for specific reasons associated with specific
government programs or laws; and that you can correct any
inaccurate information.
04/12/14 32
33. Information policy (Cont.)
Information policy
• Information policy is any law, regulation, rule, or practice (written or
unwritten) that affects the creation ,acquisition, organization,
designation or evaluation of information.
• Most often information policy is discussed in forms of governmental
legislation. This legislation usually focuses on areas such as:
– information technologies for educational and industrial uses,
– telecommunications,
– privacy issues,
04/12/14 33
34. Information policy Cont
– computer regulations and crimes,
– copyright and intellectual property, and
– government information systems.
• Information policy determines the kind of information:
– collected,
– created,
– organized,
– stored,
– accessed,
– disseminated and retained.
– Who can use the information, whether there will be charges for
access, and the amount charged, is also covered.
34
35. Information policy Cont
• An information policy is usually associated with government
information. we see information policy as concerned with 3 major
areas.
• Governmental creation and dissemination of information.
– This includes government funding of research and development
efforts, as well as government creation of information such as
economic statistics, dissemination of legislation and administrative
rulings, cultural materials, and so on.
– It is important to observe that government policy towards the
creation of information is distinct from government policy towards
the dissemination of information once created.
• Development, regulation, and usage of information infrastructure.
This includes issues such as telephony and broadcast regulation,
infrastructure for schools and libraries, security and integrity of the
infrastructure, and so on. 35
36. Information policy Cont
• Institutional and legal infrastructure. This includes US
participation in international treaties and organizations, privacy
rules, antitrust policy, standard settings, contract law, encryption
and security, and intellectual property policy.
• Information policy also establishes the rules within which private
information providers and the media operate.
• Information policy includes the following areas :
Literacy
privatization and distribution of government information
freedom of information access
protection of personal privacy
intellectual property rights
retention of archival copies of material
Citizen's Charter of Information Rights
36
38. Information Sector
• Information Policy – Scope
• The goal may be building an information society, but
Information policy is not just about information
technology.
• Good policy with regard to the building of the
information society must rely not only on sufficient
technical and material resources (the networks) and
skills, but also be logical with other societal policies.
40. Information policy Cont
National Information Policy – hierarchical levels
Infrastructural policies
• Deal with the development of national (or more recently also
regional) infrastructures required to support an information
society.
– The absence of infrastructural policies and implementation
strategies would make it virtually impossible to deliver on
any other vertical or horizontal ICT related policies.
Vertical Information Policies would include sectoral policies such
as education, tourism, manufacturing, health, etc.
Horizontal Information Policies refers to those policies that
impact on broad aspects of society, e.g. policies relating to
freedom of information, tariffs and pricing, and the use of ICTs
by government internally and in its relationships with citizens,
business, labour, academia, etc.
42. Information policy Cont
• An integrated ICT policy involves a high level of
collaboration from all relevant government departments, and
from the much larger group of stakeholders impacted by, and
impacting on ICT policy.
• Failure to provide integrative mechanisms for addressing ICT
policy formulation, and implementation, has been one of the
major stumbling blocks in many countries.
• In the absence of a national ICT policy, the tendency is
towards the creation of sector dependent policy that addresses
only its own ICT needs.
• These policies become firmly entrenched within the sector and
later attempts to integrate them into a broad all encompassing
ICT policy become difficult.
43. Information policy Cont
NIP – Contributions
• A National Information Policy framework will contribute to:
– Modernizing government
– Building a knowledge-driven economy
– The best environment in the world for e-commerce
– Improving health service effectiveness
– Improving educational effectiveness
– Avoiding social exclusion
– Implementing strategies for regional development
– Building an informed democracy
– Strengthening our cultural identity
– Maximizing investment benefits.
44. Issues to Consider in the Development of
Information Policy
• In developing countries the emphasis is often on infrastructure
policy development, while neglecting dimensions of human
resource development and information content issues.
• The move towards globalization in the Telecommunications
Sector
– Deregulation and liberalization
– Governments are under pressure from global forces,
specifically the World Trade Organization (WTO)
45. Issues to Consider in the Development of
Information Policy cont”
– The global telecommunications sector has experienced a
severe shift from transnational regulatory institutions to
the operation of the WTO's open market framework
– The first global shift has been one from closed domestic
markets to open competition.
• This changing environment has to be considered when
policies are formulated.
• Reform and Regulation of the Telecoms Sector
– The swing towards a worldwide liberal ICT regime
demanded the shift to a different regulatory regime.
– During the 1990s a telecoms reform wave arose, seeing
many countries creating independent and transparent
regulators, and regimes to manage transitions to a
competitive market.
46. Issues to Consider in the Development of
Information Policy cont”
African Telecommunication Union (ATU)
– The vision of ATU is to make Africa an equal and active
participant in the Global Information Society.
– The mission is to promote the rapid development of info-
communications in Africa in order to achieve universal
service and access, in addition to full inter-country
connectivity, in the most effective manner.
– The restructured African Telecoms Union is placing increased
emphasis on public/ private-sector partnerships for
telecommunications infrastructure development
The telecoms sector with entertainment houses, software
companies, cellular companies and Internet service providers
creating new techniques for distributing a multitude of
services and content over varied ICT infrastructure
47. WTO(World Trade Organization )
WTO, which has become the most important institution within
the global telecoms mark, has set rules for telecommunications
that extend across 140 countries.
– Underlying the WTO agreements is the move towards global
liberalized trade, including liberalized telecommunications
markets.
• Global influences shape policy:
– GATT - General Agreement of Tariffs and Trade
– WTO – World Trade Organization (1995)
– GATS – General Agreement on Trades and Services
– WTA – Information Technology Agreement (1997)
– WIPO – World Intellectual Property Organization
– WTO Basic Telecommunications Agreement - domestic and
foreign carriers treated equally, no restrictions on foreign capital,
48. Trans-border Data Flow (TDF)
• What is TDF?
– The flow of digital information across borders for storage or
processing in foreign computers.
What type of Data ?
• Personal Data
• Business Data
• Technical Data
• Organizational Data
49. Trans-border Data Flow (TDF)
cont”• TDF
– Types of Data Flows
• One-way flows
– Consolidation Flows
» subsidiary reporting to head office
– Distribution Flows
» Head office distributing data to subsidiaries
• Two-way flows
– Trans-National or Multi-national Data flows
– Users connect to host computer(s) in one or many
different countries
50. Trans-border Data Flow (TDF)
cont”
• TDF
– If data from country , flows through country without
storage or usage then no TDF has occurred
–Reasons for Regulation of Data flows
• National Security
• National Sovereignty
• National Economic welfare
• Protectionism
• Personal privacy
51. IP and STAKEHOLDERS Cont
INFORMATION POLICY AND THE STAKEHOLDERS
• There are a variety of stake holders in the information policy process,
stake holders who are deeply concerned about information from a
legal and political perspective.
• These stake holders include business, government, Information
producers, disseminators and the public.
Business and Industry
• Because information is critical to competition, business and industry
are very active in influencing policies that will affect the
dissemination and restriction of information.
04/12/14 51
52. IP and STAKEHOLDERS Cont
• Business and industry have special interests in both the discovery of
new knowledge and the organization of current knowledge.
• There are policies affecting the discovery and exploitation of new
knowledge to improve productivity and profit.
• Business and industry have a strong need to control knowledge and to
protect proprietary information; as well as laws that permit the
restriction of an employee's use of protected knowledge even after
separation from employment.
• Organizations need access to information to prosper.
04/12/14 52
53. IP and STAKEHOLDERS Cont
• The extent to which government policies permit easy and inexpensive
access to information can have a substantial effect on an
organization's ability to function effectively in competitive national
and international environment.
Government
• Political bodies are well aware that information is essential for
decision making and action.
• Local state and federal governments are obligated to collect, organize
and evaluate information.
• Government is also in the business of disseminating and controlling
information; to this end.
04/12/14 53
54. IP and STAKEHOLDERS Cont
• The government promulgation of regulations to restrict information
such as:
– information affecting national security, and
– playing a role in selecting what information is published and made
available to the public (or the press) and what information is not.
• Laws such as the freedom of information Act and the national security
Act form part of the process that defines the role of government in the
dissemination and control of information.
• Government use of such structures as libraries, museums and archives
to make available to its citizens the information that is meant for their
consumption.
•
04/12/14 54
55. IP and STAKEHOLDERS Cont
Telecommunications, Information Producers, Disseminators,
Transmitters, etc., as stakeholders
• Although these stake holders could be considered part of business and
industry, they form a critical subgroup that takes a special interest in
information policy because of the profound effect such policies might
have on them.
• Information producers and disseminators include the
telecommunications businesses such as telephone, television, cable,
and radio industry; producers of videos, DVDs and audio tapes; the
computer industry, including database producers and vendors; and of
course, libraries or information centers.
•
04/12/14 55
56. IP and STAKEHOLDERS Cont
• A particular subgroup within these information producers and
disseminations is known as the "digerati". The digerati form "the
bread group of individuals who invent, create, develop, manage, and
sell a wide spectrum of information technologies.
• They have jobs titles like librarian, information specialist, chief
executive officer, chief technology officer, chief information officer,
manager of information systems, software developer, soft ware
engineer, programmer, vice president of sales, and director of
marketing.
04/12/14 56
57. IP and STAKEHOLDERS Cont
• Because these individuals have special knowledge and control of
technology companies, and research, they can be particularly
influential in the policy making area.
• One can imagine any number of laws and regulations that can either
promote or diminish the effectiveness of information producers and
disseminators.
• Laws affecting competition, policing of services, the right to tape
programs, taxation, postal rates, and royalties and laws concerning
libel or invasion of privacy could all have profound implications as
information disseminators have a special role and exercise a special
interest because they are among the few whose motivations are not
profit oriented.
04/12/14 57
58. IP and STAKEHOLDERS Cont
Citizens and those organizations that represent their interest
• Citizens of a country are major stake holders to information.
• The manner by which information flows in the society has a direct
effect on our ability to make informed judgments and to take
deliberate action.
• The softest shift in policy may affect the extent to which we receive
accurate, up-to-date and sufficient information and who receives this
information is a critical function.
• However, citizens have rights to information that would help them
deal with their environment, such as information related to their
health, safety, careers and their government, including information on
political issues and candidates.
04/12/14 58
59. IP and STAKEHOLDERS Cont
• A fundamental value that underlies the transfer of the right of
individuals to information and with it comes the expectation that
information policies affect these rights is a critical consideration.
• Individual citizens however, do not always have a significantly strong
voice.
• Consequently, a variety of organizations try to represent the public's
interests on:
– information policy issues,
– including Associations,
– Union,
– Civil societies, Professionals, etc..
– with various clash of interest; and this produces a dynamic and
sometimes unsettling tension in the society.
59
60. Information security or Data Protection
Information security or Data Protection
As of January 2008, the internet connected an estimated 541.7 million
computers in more than 250 countries on every continent, even
Antarctica (Source: www.isc.org/index.p)
• The internet is not a single network, but a worldwide collection of
loosely connected networks that are accessible by individual
computer hosts, in a variety of ways, to anyone with a computer and a
network connection. Thus, individuals and organizations can reach
any point on the internet without regard to national or geographic
boundaries or time of day.
• Information security (InfoSec) is the protection of information and its
critical elements, including the systems and hardware which use, store
and transmit that information.
04/12/14 60
61. Information security or Data Protection cont”
However, along with the convenience and easy access to
information come risks. Among them are the risks that valuable
information will be lost, stolen, changed, or misused.
If information is recorded electronically and is available on
networked computers, it is more vulnerable than if the same
information is printed on paper and locked in a file cabinet.
They can steal or tamper with information without touching a piece
of paper or a photocopier. They can also create new electronic
files, run their own programs, and hide evidence of their
unauthorized activity.
Three basic security concepts important to information on the
internet are confidentiality, integrity, and availability.
Concepts relating to the people who use that information are
authentication, authorization, and nonrepudiation.
04/12/14 61
62. Information security or Data Protection cont”
When information is read or copied by someone not authorized to do so,
the result is known as loss of confidentiality.
• Introduction to Information Security
• Information can be corrupted when it is available on an insecure
network. When information is modified in unexpected ways, the result
is known as loss of integrity. This means that unauthorized changes
are made to information, whether by human error or intentional
tampering.
• Information can be erased or become inaccessible, resulting in
• loss of availability. This means that people who are authorized to get
information cannot get what they need.
Information security includes the broad areas of:
– information security management,
– computer and data security management,
– computer and data security, and network security. 62
63. Information security or Data Protection
cont”
• To protect information and its related systems, tools such as:
– policy,
– awareness,
– training and education, and
– technologies are of vital importance.
• Security is the quality or state of being secured, to be free from
danger.
• In other words, security can be defined as building protection against
adversaries.
• The security of information and its systems entails securing all
components and protecting them from potential misuse by
unauthorized users.
04/12/14 63