Question

As a risk manager, should you approach regulations as a risk to information systems? Do you see regulations as important measures to strengthen information security or as ways to exert unnecessary control over organizations?

Answer 1

Risk managers taking the regulations on regard with the information systems are considered an effective manner in my opinion to analyse and understand the machanism and management of the information system. The importance of regulations to strengthen the information system and the security are as follows:

1. Standard: The regulations we made on the information system helps us to effective analyse and set the standards of the information system. It helps to set the objectives about how the technology would help the organistaion to achieve more heights and how those standards can be calculated with the actual work performed. It helps to achieve the targets and the objectives effectively efficiently for the information system.

2. Discipline: Under the regulations, Another factor which helps the information system is the discipline factor. Regulatory factors helps in maintaining the standardised and the discipline about the information system. Who will control, who would delegate and who will get the data extracted and who would select the data and who will show the dara, all these discipline factors and the organisational factors are under the regulatory feature for this information system.

3. Effective Results: At last, the regulation of the information system would help to declare the effective results of the information system. The regulation would help to channelise and check hoe effective the standards are. If the accuracy of the standards can be calculated, the results can also be analysed ad compared to the standards of how the company and its information system is working.