| Popis: |
Pojavlja se vprašanje čemu pravzaprav uporabljati vso novo tehnologijo in varnostne ukrepe oz. kaj je poslovna dodana vrednost? Ali bo podjetje zaradi boljše varnosti in varnostne politike dosegalo boljše poslovne rezultate? Kakšen je pravzaprav učinek večje varnosti podatkov? Odgovor je: večja varnost podatkov zmanjša tveganje poslovanja, zmanjša tveganje pred vdorom v bazo podatkov, zmanjša tveganje pred razkritjem podatkov, zmanjša tveganje pred neskladnostjo z zakonodajo, kot je recimo Zakon o varovanju osebnih podatkov ali drugih zakonov, ki lahko za sabo potegnejo negativne posledice. Zato na varnost podatkov v podjetju in e-računovodstvu ne smemo gledati kot na nekaj, kar so si pred kratkim izmislili, ampak kot na dobro prakso in izkušnje upravljanja s podatki, ki so se nabirala zadnja desetletja. Namen varnostne politike je z informacijsko varnostjo v e-računovodstvu podjetju zagotoviti neprekinjeno poslovanje, omejiti poslovno škodo, zagotoviti skladnost z zakonodajo, obvarovati dobro ime oziroma ugled na trgu ter preprečevati in zmanjševati učinke varnostnih dogodkov. Za izboljšanje informacijske varnosti je poleg zapisane varnostne politike zelo pomembno tudi njeno izvajanje in spremljanje njene učinkovitosti. Prikazali smo, da je visoka stopnja varnosti lahko tudi zelo draga, zato je pomembno pripraviti tako varnostno politiko, ki bo odraz občutljivosti informacij, ki se nahajajo v specifičnem poslovnem okolju. The question arises why should the modern technology and safety features be used at all? And what exactly is business added value? Will a company be able to achieve better business results on the basis of improved safety and security policy? What is the upshot of greater data security? The answer is as follows: Greater data security reduces business risks, it reduces the risk of database breaches, it reduces the risk of data disclosure, and it reduces the risk of non-conformity with the applicable legislation, such as the Personal Data Protection Act and other Acts that can result in negative consequences. Data security in a company and e-accounting, therefore, should not be considered as something that has just been invented. Instead, it should be seen as good practice and experience in data management that has been accumulating for the past few decades. The objective of a company's security policy is to provide, through security in e-accounting, uninterrupted business operations, limit business damage, ensure compliance with legislation, protect the reputation on the market and reduce the impact of security-related events. In addition to the security policy design, its implementation and efficiency monitoring is also critical for improving information safety. It has been shown that high level of security can also be very expensive, therefore, such a security policy should be drawn up that will reflect the sensitivity of information found in a specific business environment. |
