Accountability for Systems Interruption Caused by Unauthorized USB Device | CRISC Exam

Question

A systems interruption has been traced to a personal USB device plugged into the corporate network by an IT employee who bypassed internal control procedures.

Of the following, who should be accountable?

Answers

Explanations

A. B. C. D.

D.

The person who should be accountable for the system interruption caused by the personal USB device is the IT employee who bypassed internal control procedures.

Explanation:

Corporate networks have strict security protocols in place to protect the confidentiality, integrity, and availability of information. These protocols are designed to prevent unauthorized access to the network and to prevent the introduction of malicious software or other threats.

One of these protocols covers the use of personal USB devices, which are often prohibited on corporate networks because they can introduce viruses and other malware that can compromise network security. In this case, an IT employee bypassed the internal control procedures by plugging a personal USB device into the corporate network, which caused a systems interruption.

The responsibility for ensuring compliance with internal control procedures and network security protocols lies with the IT employee who bypassed the controls. The employee violated established security protocols and introduced a potential risk to the organization's information assets.

While the CRO, BCM, HRM, and CIO are all responsible for various aspects of risk management and information security, in this case, none of them are directly responsible for the actions of the IT employee. The CIO may be responsible for implementing security protocols and ensuring compliance, but the employee's actions were a deliberate violation of those protocols.

In conclusion, the IT employee who bypassed internal control procedures and plugged a personal USB device into the corporate network should be held accountable for the system interruption.