Information security governance: business requirements and research directions

World wide the importance of Information Security Governance is demanding the attention of senior management. This is due to the ever-changing threat landscape requiring that organisations adopt a focussed approach towards the protection of information assets. Any successful approach towards Informa...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:Corporate Ownership and Control 2009, Vol.7 (1), p.309-317
Hauptverfasser: Höne, Karin, Eloff, Jan
Format: Artikel
Sprache:eng
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:World wide the importance of Information Security Governance is demanding the attention of senior management. This is due to the ever-changing threat landscape requiring that organisations adopt a focussed approach towards the protection of information assets. Any successful approach towards Information Security Governance is dependant on the availability of relevant and timely research outputs. The research community working on Information Security Governance are diverse and appears to be mis-aligned with the needs of the business community. The problem that this paper addresses is twofold. Firstly, it addresses the confusion regarding the meaning of Information Security Governance. Secondly, it assesses the gap between research and business communities from an Information Security Governance perspective. This article analyses the requirements from the business community and mapped it against current research outputs. Findings clearly indicate that the two worlds are not entirely aligned and that in some cases minimum effort is being spent on the topics deemed important by the business community. Information Security Governance in general can benefit from an improved alignment between the needs of business and the outputs of the research community.
ISSN:1727-9232
1810-3057
DOI:10.22495/cocv7i1c2p6