Trust: An Element of Information Security

Information security is no longer restricted to technical issues but incorporates all facets of securing systems that produce the company’s information. Some of the most important information systems are those that produce the financial data and information. Besides securing the technical aspects of these systems, one needs to consider the human aspects of those that may ‘corrupt’ this information for personal gain. Opportunistic behaviour has added to the recent corporate scandals such as Enron, WorldCom, and Parmalat. However, trust and controls help curtail opportunistic behaviour, therefore, confidence in information security management can be achieved. Trust and security-based mechanisms are classified as safeguard protective measures and together allow the stakeholders to have confidence in the company’s published financial statements. This paper discusses the concept of trust and predictability as an element of information security and of restoring stakeholder confidence. It also argues that assurances build trust and that controls safeguard trust.