ABSTRACT

Successful information protection and security requires the participation, compliance, and support of all personnel within an organization, regardless of their positions, locations, or relationships with the company. This includes any person who has been granted access to the organization’s extended enterprise information, and any employee, contractor, vendor, or business associate of the company who uses information systems resources as part of the job. A brief overview of the information protection and security responsibilities for various groups within an organization follows.