Towards a Framework for Strategic Security Context in Information Security Governance

IF 2.4 Q2 INFORMATION SCIENCE & LIBRARY SCIENCE Pacific Asia Journal of the Association for Information Systems Pub Date : 2018-12-12 DOI:10.17705/1PAIS.10403
S. Maynard, Terrence H. Tan, Atif Ahmad, T. Ruighaver
{"title":"Towards a Framework for Strategic Security Context in Information Security Governance","authors":"S. Maynard, Terrence H. Tan, Atif Ahmad, T. Ruighaver","doi":"10.17705/1PAIS.10403","DOIUrl":null,"url":null,"abstract":"Information security governance influences the quality of strategic decision-making to ensure that investments in security are effective. Security governance involves a range of activities including adjusting organizational structures, designating roles and responsibilities, allocating resources, managing risks, measuring results, and gauging the adequacy of audits and reviews. We identified three security issues in an organization around strategic context in an in-depth and revelatory case study. These are (1) limited diversity in decision-making; (2) lack of guidance in corporate-level mission statements to security decision-makers; (3) a bottom-up approach to security strategic context development. We further argue that instead of an approach that is based on risk and controls, organizations should address objectives and strategies through developing depth in their security strategic context.","PeriodicalId":43480,"journal":{"name":"Pacific Asia Journal of the Association for Information Systems","volume":"1 1","pages":"4"},"PeriodicalIF":2.4000,"publicationDate":"2018-12-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"11","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Pacific Asia Journal of the Association for Information Systems","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.17705/1PAIS.10403","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"INFORMATION SCIENCE & LIBRARY SCIENCE","Score":null,"Total":0}
引用次数: 11

Abstract

Information security governance influences the quality of strategic decision-making to ensure that investments in security are effective. Security governance involves a range of activities including adjusting organizational structures, designating roles and responsibilities, allocating resources, managing risks, measuring results, and gauging the adequacy of audits and reviews. We identified three security issues in an organization around strategic context in an in-depth and revelatory case study. These are (1) limited diversity in decision-making; (2) lack of guidance in corporate-level mission statements to security decision-makers; (3) a bottom-up approach to security strategic context development. We further argue that instead of an approach that is based on risk and controls, organizations should address objectives and strategies through developing depth in their security strategic context.
查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
构建信息安全治理中的战略安全框架
信息安全治理影响战略决策的质量,以确保对安全的投资是有效的。安全治理涉及一系列活动,包括调整组织结构、指定角色和职责、分配资源、管理风险、度量结果,以及度量审计和评审的充分性。在一个深入的、具有启发性的案例研究中,我们围绕战略上下文确定了组织中的三个安全问题。它们是:(1)决策的多样性有限;(2)企业使命宣言对安全决策者缺乏指导;(3)自下而上构建安全战略环境。我们进一步论证,组织应该通过在其安全战略环境中发展深度来处理目标和战略,而不是基于风险和控制的方法。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 去求助
来源期刊
CiteScore
4.10
自引率
33.30%
发文量
0
期刊最新文献
The Influence of Campaign Presentation Cues on Crowdfunding Performance – Reviewing the Empirical Reward-Based Crowdfunding Literature Getting Around to It: How Design Science Researchers Set Future Work Agendas Beyond Digital Data and Information Technology: Conceptualizing Data-Driven Culture Digital Nudge Stacking and Backfiring: Understanding Sustainable E-Commerce Purchase Decisions Improvisational and Dynamic Capabilities as Drivers of Business Model Innovation: An Enterprise Architecture Perspective
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1