Chervany, (1978) declared that with the development of expanded exchange of information and data on worldwide basis, there was a severe demand for computer security. This security is basically meant for information system and often gets described through some specified components. These components are inclusive of Repositories, Interfaces and Channels and the user, that is the human operator must get proper training for the using these components. Chervany, was very particular about the professional training of the employees in an organisation and stated that is the employees are not well trained then the security component will not function well. This can create havoc in the organisational system and can lead to many document disclosures. In order to meet the security demands of IS the selection of professionals and provisions for in house training units are highly recommended. Since the growth of an organisation depends a lot on the exchange of information and data in a secured manner and failure of the same can create endless management and organisational chaos. Emphasis over Repositories, Interfaces and Channels has been stronger, since these are the core links through which the security of a computer can be destroyed. Less or confused understanding of Repositories, Interfaces and Channels can create threat to organisational validity and thus should be always kept under proper speculations for long term persuasions. It is here that the declaration of Markus and Robey seems to be very appropriate. As in their theory they have declared that utility of organisational validity is not from the normative application of the particular concept and thus in terms of security normative application of security measures is not enough to meet the wide ranged distributed information system.