NCJ Number
62935
Date Published
1979
Length
14 pages
Annotation
RISK ASSESSMENT MANAGEMENT IN AN INFORMATION HANDLING ENVIRONMENT, SUCH AS A BANK OR A LIBRARY IS DISCUSSED WITH RESPECT TO THE LEGISLATIVE AND REGULATORY FRAMEWORK AND OTHER CONSIDERATIONS.
Abstract
RISK ASSESSMENT'S GOAL IS TO UNDERSTAND VULNERABILITY AND INSTITUTE A SET OF VIABLE SAFEGUARDS. SUBSTANTIAL SUPPORT FROM HIGH-LEVEL MANAGEMENT, ALONG WITH PHILOSOPHICAL AND EMOTIONAL COMMITMENT, IS NEEDED FOR RISK ASSESSMENT. GOOD MANAGEMENT PRACTICES CAN NEGATE THE NEED FOR ADDITIONAL GOVERNMENT REGULATION AND CONTROL. IN SOME CASES, MANDATED PRIVACY SAFEGUARDS HAVE STRENGTHENED MANAGEMENT PRACTICES AND IMPROVED PRODUCTIVITY. THE 1974 PRIVACY ACT IS AN EXAMPLE. TWO MAJOR TRENDS AFFECTING RISK ASSESSMENT IN BOTH THE PUBLIC AND PRIVATE SECTORS HAVE EVOLVED. FIRST, THE TENDENCY TO GREATER OPENNESS AND ACCOUNTABILITY THROUGH SUCH LAWS AS THE FREEDOM OF INFORMATION ACT HAS REQUIRED BOTH ACCESS AND INSTITUTION OF PROPER CONTROLS. SECOND, CONCERN FOR PRIVACY AND SECURITY HAS PROMOTED PROTECTION OF ASSETS. THE 1978 RIGHT TO FINANCIAL PRIVACY ACT LIMITS GOVERNMENT ACCESS TO AN INDIVIDUAL'S FINANCIAL RECORDS AND REQUIRES DISCLOSURES OF INFORMATION GIVEN TO LAW ENFORCEMENT AGENCIES. THE AMENDED CONSUMER CREDIT PROTECTION ACT ESTABLISHES RIGHTS AND RESPONSIBILITIES OF PARTICIPANTS IN ELECTRONIC FUNDS TRANSFER SYSTEMS. THE 1977 FOREIGN CORRUPT PRACTICES ACT REQUIRES COMPREHENSIVE MONITORING OF PRIVATE ORGANIZATIONS' RESOURCES. RISK ASSESSMENT EFFORTS MUST CONSIDER TIME, TYPES OF PERSONNEL, RESOURCES, AND AN UNDERSTANDING OF THE ENVIRONMENT TO BE CREATED. A CONTROLLED ENVIRONMENT IS ESSENTIAL. TECHNICAL ADVANCES HAVE REVOLUTIONIZED COMMUNICATIONS AND INFORMATION HANDLING. THE TRENDS TOWARD OPENNESS AND ACCOUNTABILITY, INCREASED GOVERNMENT INVOLVEMENT, AND INCREASED RELIANCE ON TECHNOLOGY WILL ALL REQUIRE COORDINATION WITHIN ORGANIZATIONS TO MEET NEW COMPETITIVE FORCES. (CFW)