Sign Up Now
Get instant access to over 1 million+ study documents
OR
Already registered? click here to login
By creating your account, you agree to our terms of service, privacy policy and student honor code.
¶ … Corporate governance, IT Governance and Information Security Governance
IS 8310 Governance, Risk Management and Compliance
Governance is the process of empowering leaders to implement rules that are enforceable and amendable. For comprehensive understanding of the term' governance' it is essential to identify the leaders and the set of rules, and various positions that leaders govern. Corporate governance, IT Governance and Information Security Governance embraces a linkage with certain acquiescence system while focusing on information security and privacy issues in the organization. This work will give a distinction between the three terms and identify how they related to each other and how endeavors to comply with each system is leveraged to apply to each other.
INTRODUCTION
Governance is the process of empowering leaders to implement rules that are enforceable and amendable. Therefore, for comprehensive understanding of the term' governance' it is critical to categorize the leaders and the set of rules, and various positions that leaders govern. For successful completion of this paper, it is essential to discuss corporate governance, IT governance and Information Security governance. Corporate governance is the process by which leaders direct and control corporations. In executing good governance, the boards of members together with the executive management aim at providing strategic direction by carrying out their routine duties responsibly (Photopoulos, 2008).
They also ascertain appropriate management of corporate risks that arises unpredictably. Finally, corporate governance ascertains responsible utilization of company resources. IT governance comprises of; leadership, company structures and procedures. The three elements ascertain that the company's Information Technology maintains and broadens the strategies and intentions of the company. Information Security governance has similar functions with IT governance; however, it preserves the confidentiality and reliability of classified data in the company. Therefore, for the organizations to secure the information systems and empower their security systems, it is essential for them to integrate information security into the corporate governance (Gartner, 2010).
Most organizations, such TechNet view information security as a complex matter, but that is not the case. When organizations make major initiative to protect their information assets, executive management must consider information security a significant part of organizational operations. The effective way of accomplishing such objective is integrating it with other internal controls and processes that comprise corporate governance. The following recommendations emphasize the need of integrating Information Security governance in TechNet with other control systems.
1) TechNet should incorporate Information security governance to establish cyber security into its corporate governance procedures.
2) TechNet should indicate their devotion to Information Security governance by affirming their intention of relating with corporate governance in evaluating their performance and provide the report to the board members
3) Companies that embrace corporate governance program should indicate their devotion to information security governance by willingly showing an interest on their company website
Conclusions
Efficient Information security governance requires incessant improvement for successful performance. The recommendations provide a strong foundation for organizations that intends to empower their Information security governance. However, application of these suggestions is an inception to safeguarding information systems and empowers TechNet's security measures. This paper seeks to encourage organizations to prioritize on corporate governance, IT governance and Information Security governance procedures and create awareness on the need of governance in organizations (Biegelman & Bartow, 2006).
2. CORPORATE GOVERNANCE
Corporate governance entails organizational principles that describe the link that exists between the stakeholders, the executive and the board members. These principles affect how the organization operates. At the most fundamental level corporate governance focuses on matters that define organizational ownership and management. However, it extends its function by showing a clear connection between the stakeholders and the executive. Organizations with strong governance policies offer effective access to assets and supports in economic development. In addition, corporate governance extends its functions to dealing with social and institutional challenges (Rasmussen, 2010).
Good governance addresses issues that embrace the significance of justice, precision, liability, and accountability to shareholders and investors. An effective and morally governed business requires efficient internal governance and favorable corporate environment. Thus, aspects such as, secure company assets, operating judiciary and liberty are fundamental to interpret corporate governance set of rules into feasible practices. Furthermore, effective corporate governance ascertains fairness and transparency in organizational environment, and that, organizations accept liability for actions committed against the policies. Consequently, ineffective corporate governance results to injustice, embezzlement of funds, dishonesty and misuse of resources. The board of director assumes the responsibility of bad corporate governance. The affairs and the general performance of the company lie in the hands of the boardroom (Basri, 2008).
However, the corporate laws and regulations empower the boardroom to delegate some of the duties to the committee members. For effective performance, corporate governance sub-delegates some duties to other smaller governances dealing with finances, human...
CORPORATE GOVERNANCE METHODOLOGY
2.11. International Financial Corporation Corporate Governance
The company develops an International financial corporation methodology in implementing corporate governance in the company. This methodology establishes a collaborative affiliation with stakeholders and relates with them in enhancing governance practices. This is achievable by mainstreaming corporate governance evaluation in investment procedures for every IFC operation by employing the IFC Corporate Governance method. In essence, International Financial Corporation governance approach is the procedure used by companies in evaluating the corporate governance structures, principles and procedures through application of appropriate tools. Every evaluation is company-related to ascertain feasible approach to corporate governance (Basri, 2008).
This approach serves as a basis for corporate governance development structure's approach. In all IFC business deals, it becomes impossible for IFC members to carry out appropriate assessment without assessing and making sound decisions in financial stakeholder rights; liability and the boardroom; the internal control system, precision and disclosure guidelines. The executive management must understand the core issues of corporate governance and invent approaches for the safety of stakeholders and shareholders. Employing IFC methodology allows effective management of corporate governance related threats, enhances the capacity to delivering valuable advice to shareholders, and develops stronger collaborations with shareholders. Therefore, employing corporate governance evaluations in IFC operations is essential in improving business decision-making procedure.
3. IT GOVERNANCE
IT governance deals particularly with IT systems, their functioning and Risk management. The primary intentions of managing information technology systems are ensuring that the system engenders business significance, and alleviates the threats linked with it. This is achievable by implementing company structures with defined roles for the liability of information, businesses procedures and infrastructure. IT governance requires ascertaining that the resources in IT create value-reward and alleviate IT connected risks evading business failure (Schwalby, 2011).
Information is imperative to company success- valuable and competent delivery of services and goods. The transformation process, generally known as "business change," is the key enabler of new business strategies in the private and public organizations. Business transformation provides numerous rewards; however, it is susceptible several risks, which may hinder business processes and cause unplanned outcomes. In essence, IT governance forms part of corporate governance by ascertaining that IT objectives are achieved and risks alleviated in that IT created value to maintain development in the organization (Huang, Zmud & Price, 2010).
3.1 Using COBIT Methodology in IT governance
IT Governance assumes a vital significance in contemporary organizations whereby Information Technology business operations are fundamental. Furthermore, the company depends on information, systems and advanced technologies to develop. Even though technology advancement may enhance various company processes, cut down costs and changes company practices, it also caries heavy risks. Successful companies are capable of identifying and managing such risks by employing a methodology that allows organizations to manage the risks and increase transparency in business operations (Matwyshyn, 2009).
IT governance is relevant to companies to ascertain conformity, IT alignment, and positive return on IT business deals, enhanced security, risk management and so forth. For this reasons, companies must improve the IT system in order to streamline all the business operations. Executing IT governance is a challenging task, and unless the company implements IT control using the COBIT framework. COBIT is a powerful, updated global set of generally established IT management good practices and control objectives meant for executive management, IT experts and auditors (Barnhizer, 2006).
4. CORPORATE GOVERNANCE AND IT GOVERNANCE
Evaluation on corporate governance has a direct or indirect influence on IT and the control of IT governance. In addition, in a business driven technology, corporate governance relies on IT governance for successful execution of business processes. The board of directors and the executive management are accountable for IT Governance. In circumstances where Chief Executive Officers face criminal charges for defying corporate governance, IT Governance becomes accountable for business operations. Board members play different roles to ascertain the success of the company, and they delegate some roles to other members (Adegbite, 2012). IT governance consists of other forms of smaller governances, which include performance and ability governance, network governance and Information security governance as shown in Figure 2 below.
Corporate Governance
Finance Governance
Risk Governance
Performance governance
Network governance
IT Governance
InfoSec governance
FIGURE 2
5. INFORMATION SECURITY GOVERNANCE
Information Security Governance comprises, Leadership, company structures, procedures and monitoring systems and technologies that ascertain privacy, reliability and availability of company data.
5.1 Corporate Governance and Information Security Governance
Corporate Governance entails set of laws, regulations,…
REFERENCES
1) Adegbite, E. 2009. Corporate governance Journal of the Society for Corporate Governance in Nigeria 1(1): 45-48.
2) Adegbite, E. 2010. A scrutiny of corporate governance. Journal of the Society for Corporate Governance 2(1): 242-265.
3) Adegbite, E. 2012. Corporate governance in the banking industry: Towards a strategic governmental engagement. International Journal of Business Governance and Ethics 7(3): 209-231.
4) Barnhizer, D. 2006.Waking from sustainability's 'impossible dream': the decision-making realities of business and government. Georgetown International Environmental Law Review, 18,662; Cleveland-Marshall Legal Studies Paper
7) Gartner .2010. Hype cycle for governance, risk and compliance technologies, 2010. Retrieved August 8, 2010 from http://www.gartner.com
8) Gartner. 2008. The enterprise governance, risk and compliance platform defined.[Gartner ID Number: G00155196] Retrieved August 11, 2010, from http://www.gartner.com
9) Gartner. 2010. Critical capabilities for it governance, risk and compliance management.[Gartner ID Number: G00175673]Retrieved August 11, 2010,from http://www.gartner.com
13) Rasmussen, M. 2010. Corporate Integrity. Managing risk & compliance across extended business relationships. Retrieved August 11, 2010 from http://corp-integrity. blogspot.com/2010/07/managing-risk-compliance-across.htm
14) Sarbanes-Oxley Drives Up Large Companies' Audit Costs by $1.4 Billion. Insurance Journal, April 28, 2005.Retrieved September 18, 2010 from http://www.insurancejournal.com/news/national/2005/04/28/54393.htm
Securities Regulation SECURITIES REGULARIZATIONS IN NON-PROFIT ORGANIZATIONS The ensuring of the fact that an organization is working as per regulations and is following the code of conduct, while keeping the interest of the public first, are matters which are becoming more and more complicated with the passage of time. Therefore, it can be said with some emphasis, that today one of the most basic issues of many organizations is the issue of
……South African Municipalities Municipal Revenue Loss Reduction through Improved Municipal Valuation Methodologies:Balance Sheet Enhancement of South African Municipalities to Improve Rates and Taxes Revenue GenerationAbstractThis study examines the property valuation process of Municipalities in South Africa and develops a strategy for strengthening that process in order to more efficiently value properties and ultimately to enhance municipal balance sheets and increase revenue streams. This study proposes an innovative valuation method based
Most well-known was Robert Scoble of Microsoft. With the 2004 U.S. Presidential elections, blogs' growth accelerated dramatically as nearly every news network, candidate in both U.S. Senate and House of Representative races, and political pundit has their own blog competing for the publics' attention. The era of 2004 to today in fact has created a blogging industry that is pervasive in its availability of publishing platforms (USC Annenberg School of
Today, it is not uncommon for managerial leadership to be drawn from one pool and placed in the other in order to facilitate greater intimacy between operational aspects separated by geography and culture. Though this strategy brings with it a number of notable benefits with regard to the coordination of global operations, it does also bear with it a number of challenges which fall upon the Human Resources department
cloud computing will be discussed to show that the good outweighs the bad. Furthermore, it will be further discussed that the government is looking into using cloud computing because it will cut IT cost down and increase capabilities despite the fact people are concerned with security issues that this may bring to the public. In completing a dissertation, it is very hard to go through the challenges that it requires.
), [he knows] that media companies are responsive to pressure when it is sustained, sophisticated and well executed," he fails to offer any concrete examples of this kind of pressure or how it might actually be applied (Schechter, 2003, p. 242). He does propose "a Media and Democracy Act, an omnibus bill that could be a way of showing how all of these issues are connected," but he does not