Improved Security through Information Security Governance

Cited by: 37
Authors
Johnston, Allen C. [1 ]
Hale, Ron [2 ]
Affiliations
[1] ISACA, Informat Secur Practices, Rolling Meadows, IL USA
[2] Univ Alabama, Birmingham, AL USA
Keywords
DOI
10.1145/1435417.1435446
Chinese Library Classification number
TP3 [Computing technology, computer technology];
Discipline classification code
0812 ;
Abstract
Information security planning at the strategic level of the enterprise through Information Security Governance (ISG) is examined, and its value in enhancing the quality of information security programs is empirically assessed. ISG supports the optimization of security investments in support of business objectives and enables the firm to use security knowledge and infrastructure effectively. Executive management support is frequently cited as a critical component for information security program success. The discrepancy in perceptions between ISG Implementers and ISG Non-Implementers is valid for the relationship between business and information security. Studies examining the maturity of ISG implementation are in progress, in line with the study of new implementations in the early stages of implementation against those with established ISG programs.
Pages: 126 / 129
Number of pages: 4
Related papers
50 in total
  • [1] Information Security Governance
    Williams, Paul
    [J]. 2001, Elsevier Ltd (06): : 60 - 70
  • [2] Applying information security governance
    Moulton, R
    Coles, RS
    [J]. COMPUTERS & SECURITY, 2003, 22 (07) : 580 - 584
  • [3] Information security governance framework
    Faculty of Informatics, Kogakuin University, Japan
    Unknown
    Unknown
    Unknown
    Unknown
    Unknown
    [J]. Proc ACM Conf Computer Commun Secur, (1-5):
  • [4] An information security governance framework
    Da Veiga, A.
    Eloff, J. H. P.
    [J]. INFORMATION SYSTEMS MANAGEMENT, 2007, 24 (04) : 361 - 372
  • [5] Corporate governance and information security
    von Solms, B
    [J]. COMPUTERS & SECURITY, 2001, 20 (03) : 215 - 218
  • [6] A framework for the governance of information security
    Posthumus, S
    von Solms, R
    [J]. COMPUTERS & SECURITY, 2004, 23 (08) : 638 - 646
  • [7] An Overview of Information Security Governance
    Asgarkhani, Mehdi
    Correia, Eduardo
    Sarkar, Amit
    [J]. 2017 INTERNATIONAL CONFERENCE ON ALGORITHMS, METHODOLOGY, MODELS AND APPLICATIONS IN EMERGING TECHNOLOGIES (ICAMMAET), 2017,
  • [8] Towards a Framework for Strategic Security Context in Information Security Governance
    Maynard, Sean B.
    Tan, Terrence
    Ahmad, Atif
    Ruighaver, Tobias
    [J]. PACIFIC ASIA JOURNAL OF THE ASSOCIATION FOR INFORMATION SYSTEMS, 2018, 10 (04): : 65 - 88
  • [9] Enterprise Security Governance - A practical guide to implement and control Information Security Governance (ISG)
    Alberto de Oliveira Alves, Gustavo
    Rust da Costa Carmo, Luiz Fernando
    Dutra de Almeida, Ana Cristina Ribeiro
    [J]. INFORMATION TECHNOLOGY MANAGEMENT FROM A BUSINESS PERSPECTIVE, 2006, : 71 - +
  • [10] Information security governance in the electricity industry
    de Oliveira, Igor Antonio Magalhaes
    Mexas, Mirian Picinini
    Machado, Elaine Mara Marcal
    Drumond, Geisa Meirelles
    [J]. BRAZILIAN JOURNAL OF OPERATIONS & PRODUCTION MANAGEMENT, 2022, 19 (01):