Research the topic of Information Security Management from quality Paper

The topic of Information Security Management from quality - Research Paper Example A large number of small-to-medium sized enterprises have and are investing a substantial amount of capital and resources into their business to cement their place within the world of business (eCom Advisor, 2000). The latest networking technology not only helps them achieve this but also allows them to expand their business and upgrade their SME into a large enterprise. This paper would take a look at the security threats that an SME faces online and its need of information security management to tackle these threats. ... This exposes their data to threats such as phishing, Trojans, spam and viruses. These threats could have a serious impact on the daily operations of the business being conducted. Moreover these threats can even sometimes have long term effects that hinder in the company’s growth and become a reason towards the loss in the company’s productivity (GFI software, 2009). SMEs are usually restricted in terms of resources and finances. Any significant loss of data or leakage of secret information could destroy the entire business (GFI software, 2009). This means that data integrity is a vital component within a SME and can make or break its business. An effective Information security management allows businesses to implement various measures that would protect various data and assets that the business owns. Information security management not only allows an organization to tackle security threats that it faces but also allows it to measure the impact the attack would have on t he performance of the business (Alexander, Finch, & Sutton, 2008). Incident response management and disaster recovery Components of an incident: Before the discussion of an incident management system it is vital to understand what an incident is and what the components of an incident are. An incident is an event that occurs due to an action that is executed by a person or an individual. Usually the purpose of these actions is to cause harm to the working of the system or to the data contained within the system. It is vital to point out here that incidents are a subset of events. An incident comprises of three components event, incident response team and incident investigation (Molino, 2006). An event is an activity that causes a deviation of the system from its normal working. An event is