
An Information Governance Model for Information Security Management

Author(s): Matthew Nicho (University of Dubai, UAE)
Copyright: 2013
Pages: 35
Source title: IT Security Governance Innovations: Theory and Research
Source Author(s)/Editor(s): Daniel Mellado (Spanish Tax Agency, Spain), Luis Enrique Sánchez (University of Castilla-La Mancha, Spain), Eduardo Fernández-Medina (University of Castilla-La Mancha, Spain) and Mario G. Piattini (University of Castilla-La Mancha, Spain)
DOI: 10.4018/978-1-4666-2083-4.ch007


Abstract

The purpose of this paper is to propose an IS security governance model to enhance the security of information systems in an organisation by viewing security from a holistic perspective encompassing information security, information assurance, audit, governance, and compliance. This is achieved through the strategic integration of appropriate frameworks, models, and concepts in information governance, IS service management, and information security. This involves analysing the relevant frameworks, models, and concepts used in the above domains, extracting the best practices for implementing them from the literature, and mapping these into an integrated standard. The frameworks identified are Control Objectives for Information and related Technology (COBIT), Information Technology Infrastructure Library (ITIL), ISO 27002, Risk IT, and Payment Card Industry Data Security Standard (PCI DSS). While it is evident that each of these five frameworks serves a different purpose in information systems, such as information auditing and governance, facilitating the delivery of high-quality IT services, providing a model for managing an Information Security Management System, providing a risk focus, and protecting cardholder data, all of these frameworks have the common objective of securing the IS assets in an organisation. Hence, extracting the best practices from each of these frameworks can provide effective security of organisational IS assets rather than adequate security.
