Abstract:
Information is a critical resource for an organisation. Increasingly, information security is becoming an ever-increasing complex responsibility for IT management responsible for the safe-keeping of this critical resource. This paper describes that implementing good security can be greatly simplified by following procedures and processes already developed and documented by Information Security experts. Augmenting this is a recommendation that educational institutions offering IT programs include security education components to develop a pool of IT security trained graduates to address the huge demand by industry and users of IT systems for secure systems.