Information Security: Risk, Governance and Implementation Setback

Cited by: 16
Authors
Fazlida, M. R. [1]
Said, Jamaliah [2]
Affiliations
[1] Univ Teknol MARA, Fac Accountancy, Shah Alam 40450, Malaysia
[2] Univ Teknol MARA, Accounting Res Inst, Shah Alam 40450, Malaysia
Keywords
Information security; Governance; FRAMEWORK; MODEL;
DOI
10.1016/S2212-5671(15)01106-5
Chinese Library Classification number
F8 [Public Finance, Finance];
Discipline classification code
0202 ;
Abstract
The growing emergence of information security threats calls for information security to be integrated into the organization's corporate governance and to be treated as being as highly important as other critical corporate governance areas by Boards and executive management. This paper provides an overview of information security risk, governance and implementation setbacks. The review shows that Information Security can complement IT Governance (ITG), in terms of assurance on the confidentiality, integrity, and availability of information. Well-known ITG frameworks such as ISO 27001 and COBIT could be used by organizations to help ease Information Security Governance (ISG) implementation. Among the hindrances to ISG implementation are a lack of awareness of the importance of information security by the BOD and stakeholders, unclear policies and staff rejection. © 2015 The Authors. Published by Elsevier B.V.
Pages: 243 / 248
Number of pages: 6
Related papers
50 in total
  • [1] Obstacles to Implementation of Information Security Governance
    Lidster, William W.
    Rahman, Shawon S. M.
    2018 17TH IEEE INTERNATIONAL CONFERENCE ON TRUST, SECURITY AND PRIVACY IN COMPUTING AND COMMUNICATIONS (IEEE TRUSTCOM) / 12TH IEEE INTERNATIONAL CONFERENCE ON BIG DATA SCIENCE AND ENGINEERING (IEEE BIGDATASE), 2018, : 1826 - 1831
  • [2] Managing Information Security Risk Using Integrated Governance Risk and Compliance
    Nicho, Mathew
    Khan, Shafaq
    Rahman, M. S. M. K.
    2017 INTERNATIONAL CONFERENCE ON COMPUTER AND APPLICATIONS (ICCA), 2017, : 56 - 66
  • [3] Information Security Governance
    Williams, Paul
    2001, Elsevier Ltd (06): : 60 - 70
  • [4] Information security governance implementation within Ghanaian industry sectors an empirical study
    Yaokumah, Winfred (winfred91@gmail.com), 1600, Emerald Group Holdings Ltd. (22):
  • [5] Applying information security governance
    Moulton, R
    Coles, RS
    COMPUTERS & SECURITY, 2003, 22 (07) : 580 - 584
  • [6] Information security governance framework
    Faculty of Informatics, Kogakuin University, Japan
    Unknown
    Proc ACM Conf Computer Commun Secur, (1-5):
  • [7] An information security governance framework
    Da Veiga, A.
    Eloff, J. H. P.
    INFORMATION SYSTEMS MANAGEMENT, 2007, 24 (04) : 361 - 372
  • [8] Corporate governance and information security
    von Solms, B
    COMPUTERS & SECURITY, 2001, 20 (03) : 215 - 218
  • [9] A framework for the governance of information security
    Posthumus, S
    von Solms, R
    COMPUTERS & SECURITY, 2004, 23 (08) : 638 - 646
  • [10] An Overview of Information Security Governance
    Asgarkhani, Mehdi
    Correia, Eduardo
    Sarkar, Amit
    2017 INTERNATIONAL CONFERENCE ON ALGORITHMS, METHODOLOGY, MODELS AND APPLICATIONS IN EMERGING TECHNOLOGIES (ICAMMAET), 2017,