Information Security
Information can take many forms, it can be stored electronically, written or printed, spoken, transmitted via networks, in particular the internet. As a result, information is probably more exposed to potential security threats than many other business assets, therefore, requiring greater controls to protect it.
Business is often about taking risk but it is good business practice to understand what those risks are and where possible to reduce them. Likewise information security is about identifying vulnerabilities and taking precautions to reduce those vulnerabilities.
Information security is most certainly a management issue not simply one for the IT department, something that is so often misunderstood. Boards need to be aware of any potential issues in order to minimise any risk to the business and to maximise business opportunities.