The IRMA Community
Newsletters
Research IRM
Click a keyword to search titles using our InfoSci-OnDemand powered search:
|
Governing Information Security: Governance Domains and Decision Rights Allocation Patterns
Abstract
Governance of the information security function is critical to effective security. In this paper, the authors present a conceptual model for security governance from the perspective of decision rights allocation. Based on Da Veiga and Eloff’s (2007) framework for security governance and two high-level information security documents published by the National Institute of Standards and Technology (NIST), the authors present seven domains of information security governance. For each of the governance domains, they propose a main decision type, using the taxonomy of information technology decisions defined by Weill and Ross (2004). This framework recommends the selection of decision rights allocation patterns that are proper to those decision types to ensure good security decisions. As a result, a balance can be achieved between decisional authority and responsibility for information security.
Related Content
|
Tereza Raquel Merlo, Nayana Madali M. Pampapura, Jason M. Merlo.
© 2024.
14 pages.
|
|
Kris Swen Helge.
© 2024.
9 pages.
|
|
Ahmad Tasnim Siddiqui, Gulshaira Banu Jahangeer, Amjath Fareeth Basha.
© 2024.
12 pages.
|
|
Jennie Lee Khun.
© 2024.
19 pages.
|
|
Tereza Raquel Merlo.
© 2024.
19 pages.
|
|
Akash Bag, Paridhi Sharma, Pranjal Khare, Souvik Roy.
© 2024.
31 pages.
|
|
Akash Bag, Upasana Khattri, Aditya Agrawal, Souvik Roy.
© 2024.
28 pages.
|
|
|