Exploring information security compliance in corporate IT governance

Cited by: 5
Authors
Tarn, J. Michael [1 ]
Raymond, Heath [2 ]
Razi, Muhammad [1 ]
Han, Bernard T. [1 ]
Affiliations
[1] Western Michigan Univ, Haworth Coll Business, Dept Business Informat Syst, 1903 W Michigan Ave,MS 5412, Kalamazoo, MI 49008 USA
[2] Keane Inc, Grand Rapids, MI USA
Keywords
Information security management; IT governance; security; compliance;
DOI
10.3233/HSM-2009-0698
Chinese Library Classification number
C93 [Management Science];
Discipline classification code
12 ; 1201 ; 1202 ; 120202 ;
Abstract
This article first reviews the major IT governance frameworks and then discusses the case study of a multinational enterprise. A problem and gap analysis employing an information security management systems (ISMS) compliance approach is performed via the establishment and evaluation of the company's statement of applicability (SOA) according to ISO 27001. The article concludes with recommendations for how the company can address the gaps in its ISMS and achieve security compliance in its IT governance.
Pages: 131 / 140
Number of pages: 10
Related papers
50 in total
  • [21] Does corporate governance compliance condition information asymmetries? Moderating role of voluntary disclosures
    Tahir, Samya
    Ehsan, Sadaf
    Hassan, Mohammad Kabir
    Zaman, Qamar Uz
    JOURNAL OF ASIAN BUSINESS AND ECONOMIC STUDIES, 2023, 30 (01): : 2 - 25
  • [22] Information Security Governance
    Williams, Paul
    2001, Elsevier Ltd (06): : 60 - 70
  • [23] Corporate governance and compliance with AAOIFI governance standards by Islamic banks
    Mnif, Yosra
    Tahari, Marwa
    INTERNATIONAL JOURNAL OF ISLAMIC AND MIDDLE EASTERN FINANCE AND MANAGEMENT, 2020, 13 (05) : 891 - 918
  • [24] Corporate Security Compliance in a Heterogeneous Environment
    Yip, Frederick
    Wong, Alfred Ka Yiu
    Ray, Pradeep
    Paramesh, Nandan
    2006 IEEE/IFIP NETWORK OPERATIONS AND MANAGEMENT SYMPOSIUM, VOLS 1 AND 2, 2006, : 939 - 942
  • [25] Mitigating security stress: Exploring the contingent role of collaborative communication in enhancing information security compliance
    Hwang, Inho
    Seo, Ribin
    COMPUTERS & SECURITY, 2025, 151
  • [26] Exploring differences between smaller and large organizations' corporate governance of information technology
    Wilkin, Carla L.
    Couchman, Paul K.
    Sohal, Amrik
    Zutshi, Ambika
    INTERNATIONAL JOURNAL OF ACCOUNTING INFORMATION SYSTEMS, 2016, 22 : 6 - 25
  • [27] Representation of corporate governance information: organization of information as constructs for governance
    Bastos, Geraldino Gongalves
    Duque, Claudio Gottschalg
    RDBCI-REVISTA DIGITAL DE BIBLIOTECONOMIA E CIENCIA DA INFORMACAO, 2023, 21
  • [28] Representation of corporate governance information: organization of information as constructs for governance
    Bastos, Geraldino Goncalves
    Duque, Claudio Gottschalg
    RDBCI-REVISTA DIGITAL DE BIBLIOTECONOMIA E CIENCIA DA INFORMACAO, 2023, 21
  • [29] Corporate governance and Islamic law compliance risk
    Mukhibad, Hasan
    Nurkhin, Ahmad
    Jati, Kuat Waluyo
    Jayanto, Prabowo Yudo
    McMillan, David
    COGENT ECONOMICS & FINANCE, 2022, 10 (01):
  • [30] Patterns of compliance with the German Corporate Governance Code
    Talaulicar, Till
    Von Werder, Axel
    CORPORATE GOVERNANCE-AN INTERNATIONAL REVIEW, 2008, 16 (04) : 255 - 273