Information Security Governance - Compliance management vs operational management

被引:38
|
作者
von Solms, SH [1 ]
机构
[1] Univ Johannesburg, Dept Acad Informat Technol, ZA-2006 Johannesburg, South Africa
来源
COMPUTERS & SECURITY | 2005年 / 24卷 / 06期
关键词
information security; information security management; information technology governance; corporate governance; operational management; compliance management; risk management;
D O I
10.1016/j.cose.2005.07.003
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
This paper discusses the difference that should exist between Information Security Operational Management and Information Security Compliance Management. The paper argues that for good Information Security Governance, good IT Governance and good Corporate Governance, these two dimensions of Information Security Management should be totally separate, and housed in separate departments. (C) 2005 Elsevier Ltd. All rights reserved.
引用
收藏
页码:443 / 447
页数:5
相关论文
共 50 条
  • [1] MAVEN Information Security Governance, Risk Management, and Compliance (GRC): Lessons Learned
    Takamura, Eduardo
    Gomez-Rosa, Carlos
    Mangum, Kevin
    Wasiak, Fran
    2014 IEEE AEROSPACE CONFERENCE, 2014,
  • [2] A Framework for Information Security Governance and Management
    Carcary, Marian
    Renaud, Karen
    McLaughlin, Stephen
    O'Brien, Conor
    IT PROFESSIONAL, 2016, 18 (02) : 22 - 30
  • [3] Holistic Information Security Management and Compliance Framework
    Grigaliunas, Sarunas
    Schmidt, Michael
    Bruzgiene, Rasa
    Smyrli, Panayiota
    Andreou, Stephanos
    Lopata, Audrius
    ELECTRONICS, 2024, 13 (19)
  • [4] INFORMATION SECURITY ASPECT OF OPERATIONAL RISK MANAGEMENT
    Zawila-Niedzwiecki, Janusz
    Byczkowski, Maciej
    FOUNDATIONS OF MANAGEMENT, 2009, 1 (02) : 45 - 60
  • [5] Information security governance: A challenge for senior management
    von Solms, R
    Innovations Through Information Technology, Vols 1 and 2, 2004, : 1130 - 1131
  • [6] Risk management, compliance, and governance for resilient information systems
    Schermann, Michael
    Krcmar, Helmut
    Lecture Notes in Informatics (LNI), Proceedings - Series of the Gesellschaft fur Informatik (GI), 2010, P-176 : 229 - 230
  • [7] Risk management, compliance and governance for resistant information systems
    Schermann, Michael
    Krcmar, Helmut
    INFORMATIK 2010 - Service Science - Neue Perspektiven fur die Informatik, Beitrage der 40. Jahrestagung der Gesellschaft fur Informatik e.V. (GI), 2010, 2 : 229 - 230
  • [8] INFORMATION SECURITY OF THE BANK IN THE OPERATIONAL RISK MANAGEMENT SYSTEM
    Bezshtanko, D. V.
    FINANCIAL AND CREDIT ACTIVITY-PROBLEMS OF THEORY AND PRACTICE, 2012, 1 (12):
  • [9] The Operational Role of Security Information and Event Management Systems
    Bhatt, Sandeep
    Manadhata, Pratyusa K.
    Zomlot, Loai
    IEEE SECURITY & PRIVACY, 2014, 12 (05) : 35 - 41
  • [10] A Novel Approach for Optimizing Governance, Risk management and Compliance for Enterprise Information security using DEMATEL and FoM
    Ramalingam, Dharmalingam
    Arun, Shivasankarappa
    Anbazhagan, Neelamegam
    15TH INTERNATIONAL CONFERENCE ON MOBILE SYSTEMS AND PERVASIVE COMPUTING (MOBISPC 2018) / THE 13TH INTERNATIONAL CONFERENCE ON FUTURE NETWORKS AND COMMUNICATIONS (FNC-2018) / AFFILIATED WORKSHOPS, 2018, 134 : 365 - 370
12345