Today we are going to talk about the organizational processes.  An organization is not a static place. There are changes taking place in an organization every single second. There are many processes that take place in an organization.

before you proceed with this chapter, i would suggest you to go through some other concepts… CIA TRIAD, IAAA, Types of Security

But today we will discuss the major and important and big processes that take brings various risk and security threats.

  1. Mergers
  2. Accusations
  3. Divestitures
  4. Spin-offs

 These 4 major process occur while expansion or contraction of the organization and needs to be taken care of very well because of all the security risks they bring with them.

Mergers & Accusations

When organizations come together to form one single organization, that is called a merger and when one organization takes over another organization that’s called an accusation.

So basically when a merger happens, both organizations come together and work for some common objective but when it comes to an accusation, the company that is being overtaken by another company becomes its property.

So how both of these terms are important?

If your organization merges with another organization. Think about those employees who work in that organization or the computers, their systems, their processes, their policies and procedures, their physical, logical and administrative security… it may not be strong enough!

Whenever such things happens, you always want to audit each and everything thoroughly, having some group sessions, conduct seminars, trainings, and make sure everything is up to the mark.

oh by the way did you read Goals, Objectives and Mission of Organization?

Divestitures and Spin-offs

So now divestitures and the spinoff are totally the opposite things to merger and acquisition.

There are some security threats such as who will handle the employees now, the employees that are working with you, may now become a part of another organization. They may have rights and information of your organization which you want to stop from being disclosed by getting some NON-DISCLOSURE-AGREEMENTS and revoking their old accounts in your organization.

You also want to work with all other assets like Computers, Storage Devices etc. Make sure that there is nothing left in them which can cause you problems later

I know you love my articles but may be you don’t know that This Article is a part of my Last Week CISSP
also check my Free Courses on Infosec