Information Security: Risk, Governance and Implementation Setback

Cited by: 16
Authors
Fazlida, M. R. [1]
Said, Jamaliah [2 ]
Affiliations
[1] Univ Teknol MARA, Fac Accountancy, Shah Alam 40450, Malaysia
[2] Univ Teknol MARA, Accounting Res Inst, Shah Alam 40450, Malaysia
Source
7TH INTERNATIONAL CONFERENCE ON FINANCIAL CRIMINOLOGY 2015, 7TH ICFC 2015 | 2015 / Vol. 28
Keywords
Information security; Governance; FRAMEWORK; MODEL;
DOI
10.1016/S2212-5671(15)01106-5
Chinese Library Classification number
F8 [Public Finance, Finance];
Discipline classification code
0202 ;
Abstract
The growing emergence of information security threats calls for information security to be integrated into the organization's corporate governance and to be treated with the same high importance as other critical corporate governance areas by Boards and executive management. This paper provides an overview of information security risk, governance and implementation setback. The review shows that Information Security can complement IT Governance (ITG) in terms of assurance on the confidentiality, integrity, and availability of information. Well-known ITG frameworks such as ISO 27001 and COBIT could be used by organizations to help ease Information Security Governance (ISG) implementation. Among the hindrances to ISG implementation are a lack of awareness of the importance of information security by the BOD and stakeholders, unclear policies and staff rejection. (C) 2015 The Authors. Published by Elsevier B.V.
Pages: 243-248
Number of pages: 6