A Conceptual Hybrid Approach for Information Security Governance

Cited by: 0
Authors
Zaydi, Mounia [1]
Nassereddine, Bouchaib [1]
Affiliation
[1] Fac Sci & Technol, Settat 577, Morocco
Keywords
Information security; IT-GOV; ISS-GOV; ITSM; ITSecM; DELPHI METHOD;
DOI
Not available
Chinese Library Classification number
O1 [Mathematics];
Discipline classification code
0701 ; 070101 ;
Abstract
Despite the technological advancements in information system security (ISS) and the availability of relevant IT frameworks, standards, and mechanisms of control and security, statistical trends in data breaches reveal a growing threat to organizations' security systems. This is mainly due to the independent and separate use of these approaches. To address this, a vision of governance based on an integrated and holistic ISS perspective is required. The research findings lead to the design of a new integrated model of ISS-GOV, including three essential dimensions: IT governance (IT-GOV), IT security management (ITSecM) and IT service management (ITSM). To this end, we are going to use approaches that have proven successful for these 3 disciplines around the world, most notably ITIL, COBIT and ISO27001, while ensuring continuous improvement through the PDCA quality approach.
Pages: 47 / 66
Number of pages: 20