Information Security Governance: A model based on the Direct–Control Cycle

Bibliographic details
Published in: Computers & security 2006-09, Vol.25 (6), p.408-412
Main authors: von Solms, Rossouw, (Basie) von Solms, S.H.
Format: Article
Language: eng
Description
Summary: It is generally accepted that Information Security Governance is an integral part of Corporate Governance. It is therefore essential for any company to have a proper Information Security Governance program which reflects this integration with Corporate Governance. One of the core principles of Governance, and specifically Corporate Governance, is the Direct–Control Cycle which, in its simplest form, ‘prescribes’ and ‘checks’. This paper presents an Information Security Governance model based on this cycle.
ISSN:0167-4048
1872-6208
DOI:10.1016/j.cose.2006.07.005