1.Management is responsible for implementing information security to protect the
ability of the organization to function.They must set policy and operate the organization in a manner that complies with the laws that govern the use of technology. Technology alone cannot solve information security issues.Management must make policies choices and enforce those policies to protect the value of organization's data .
2.Date is important to an organization because without it an organization will lose
its record of transaction and/or its ability to furnish valuable deliverables to its costumers. others assets that require protection include the ability of the organization to function , the safe operation of applications, and technology assets.
3.Both general management and IT management are responsible for emplementing