A framework for the governance of information security |
| |
| Authors: | Shaun Posthumus Rossouw von Solms |
| |
| Affiliation: | Port Elizabeth Technikon, Department of Information and Technology, Private Bag X6011, Port Elizabeth 6000, South Africa |
| |
| Abstract: | This paper highlights the importance of protecting an organization's vital business information assets by investigating several fundamental considerations that should be taken into account in this regard. Based on this, it is illustrated that information security should be a priority of executive management, including the Board and CEO and should therefore commence as a corporate governance responsibility. This paper, therefore, motivates that there is a need to integrate information security into corporate governance through the development of an information security governance (ISG) framework. This paper further proposes such a framework to aid an organization in its ISG efforts. |
| |
| Keywords: | Business information risk Corporate governance Information security governance |
| 本文献已被 ScienceDirect 等数据库收录! |
