Information Security Governance - Compliance management vs operational management

Cited by: 38
Author
von Solms, SH [1]
Affiliation
[1] Univ Johannesburg, Dept Acad Informat Technol, ZA-2006 Johannesburg, South Africa
Keywords
information security; information security management; information technology governance; corporate governance; operational management; compliance management; risk management;
DOI
10.1016/j.cose.2005.07.003
Chinese Library Classification number
TP [Automation technology, computer technology];
Discipline classification code
0812;
Abstract
This paper discusses the difference that should exist between Information Security Operational Management and Information Security Compliance Management. The paper argues that for good Information Security Governance, good IT Governance and good Corporate Governance, these two dimensions of Information Security Management should be totally separate, and housed in separate departments. (C) 2005 Elsevier Ltd. All rights reserved.
Pages: 443 - 447
Number of pages: 5
Related papers
50 in total
  • [11] Security Requirements Elicitation from Engineering Governance, Risk Management and Compliance
    Ghiran, Ana-Maria
    Buchmann, Robert Andrei
    Osman, Cristina-Claudia
    REQUIREMENTS ENGINEERING: FOUNDATION FOR SOFTWARE QUALITY (REFSQ 2018), 2018, 10753 : 283 - 289
  • [12] Exploring information security compliance in corporate IT governance
    Tarn, J. Michael
    Raymond, Heath
    Razi, Muhammad
    Han, Bernard T.
    HUMAN SYSTEMS MANAGEMENT, 2009, 28 (03) : 131 - 140
  • [13] Experience: Data and Information Quality Challenges in Governance, Risk, and Compliance Management
    Sillaber, Christian
    Mussmann, Andrea
    Breu, Ruth
    ACM JOURNAL OF DATA AND INFORMATION QUALITY, 2019, 11 (02):
  • [14] Cloud Computing: Security Model Comprising Governance, Risk Management and Compliance.
    Al-Anzi, Fawaz S.
    Yadav, Sumit Kr.
    Soni, Jyoti
    2014 INTERNATIONAL CONFERENCE ON DATA MINING AND INTELLIGENT COMPUTING (ICDMIC), 2014,
  • [15] A Path to Successful Management of Employee Security Compliance: An Empirical Study of Information Security Climate
    Goo, Jahyun
    Yim, Myung-Seong
    Kim, Dan J.
    IEEE TRANSACTIONS ON PROFESSIONAL COMMUNICATION, 2014, 57 (04) : 286 - 308
  • [16] Compliance and Ethics for Project Management Governance
    Araujo Galvao, Graziela Darla
    Abadia, Lorena Gamboa
    Parizzotto, Leticia
    Souza Piao, Roberta de Castro
    de Carvalho, Marly Monteiro
    PROCEEDINGS OF THE 13TH EUROPEAN CONFERENCE ON MANAGEMENT, LEADERSHIP AND GOVERNANCE (ECMLG 2017), 2017, : 115 - 123
  • [17] INNOVATION OF THE INFORMATION MANAGEMENT IN COMPLIANCE MANAGEMENT AREA
    Ministr, Jan
    Pitner, Tomas
    IDIMT-2017 - DIGITALIZATION IN MANAGEMENT, SOCIETY AND ECONOMY, 2017, 46 : 71 - 78
  • [18] Governance of security and capital: the management of private security
    Mulone, Massimiliano
    Dupont, Benoit
    DEVIANCE ET SOCIETE, 2008, 32 (01) : 21 - 42
  • [19] Information Security Governance model to enhance zakat information management in Malaysian Zakat Institutions
    Sulaiman, Hidayah
    Jamil, Norziana
    PROCEEDINGS OF THE 2014 6TH INTERNATIONAL CONFERENCE ON INFORMATION TECHNOLOGY AND MULTIMEDIA (ICIM), 2014, : 200 - 205
  • [20] RESEARCH MANAGEMENT VS INFORMATION MANAGEMENT
    JAMES, JW
    CHEMISTRY IN BRITAIN, 1984, 20 (12) : 1105 - 1107