Information Security Governance Framework Annotated Bibliography

Veiga, A. (2007). An Information Security Governance Framework. Information Systems Management, 24(4), pp. 361-371.

In the last several years, security governance strategies have been continually evolving. This is because the threats to an organization's network are increasing exponentially. To deal with these challenges, new techniques were developed. The article by Veiga (2007) focuses on four different strategies that should be incorporated as part of an organization's basic security protocol. These include the PROTECT, Maturity, Information Security Infrastructure and hybrid models. (Veiga, 2007) (Oz, 2009)

Aim

The aim is to understand how these ideas are impacting the strategies of firms and the long-term effects of utilizing them. These variables offer specific insights into how this is shaping IT procedures and protocols. These findings...

...

(Veiga, 2007) (Oz, 2009)

Method

The method utilized is the quantitative approach, which focuses on different studies and research to determine the underlying trends. The conclusions provide a greater understanding of which tactics are the most effective. (Veiga, 2007) (Oz, 2009)

Findings / Results

The findings show that each strategy has different strengths and weaknesses. The problem is that almost all of them lack flexibility, which makes it difficult to apply key ideas to a variety of organizations. To deal with these challenges, the different studies revealed that a hybrid approach must be utilized. This combines the best of each strategy to create a model that is more responsive to the firm's changing needs. The most notable include: strong leadership /…

Sources Used in Documents:

References

Oz, E. (2009). Management Information Systems. Boston, MA: Thompson.

Veiga, A. (2007). An Information Security Governance Framework. Information Systems Management, 24(4), pp. 361-371.


Cite this Document:

"Information Security Governance Framework" (2013, November 07) Retrieved April 26, 2024, from
https://www.paperdue.com/essay/information-security-governance-framework-126545

