Information Security Governance Framework

¶ … Security Governance Framework Veiga, A. (2007). An Information Security Governance Framework. Information Systems Management, 24 (4), pp. 361 -- 371. In the last several years, security governance strategies have been continually evolving. This is because the nature of the threats to an organization's network is increasing exponentially. To deal with these challenges, new techniques were developed. The article that was written by Veiga (2007) is focusing on four different strategies. That should be incorporated as a part of their basic security protocol. These include: the PROTECT, Maturity, Information Security Infrastructure and the hybrid models.

(Veiga, 2007) (Oz, 2009) Aim The aim is to understand how these ideas are impacting the strategies of firms and the long-term effects of utilizing them. These variables offer specific insights that are showing the way this is shaping IT procedures and protocols. These findings are helping all organizations to be better prepared for the challenges they will face in the future. (Veiga, 2007) (Oz, 2009) Method The method that was utilized is the quantitative approach. This is when there is a focus on different studies and research to determine the underlying trends.

The conclusions are providing a greater understanding as to which tactics are the most effective. (Veiga, 2007) (Oz, 2009) Findings / Results The findings are showing that each strategy has different strengths and weaknesses. The problem is that almost all of them do not have any flexibility. This makes it difficult to apply key ideas to a variety of organizations. To deal with these challenges, the different studies revealed that a hybrid approach must be utilized. This is when the best of each one are combined together.

To create a model that is more responsive to the firm's changing needs. The most notable include: strong leadership / governance, strong managerial / operational / security procedures and technical assistance. These variables help an organization to test, evaluate and evolve their network to shifting threats. (Veiga, 2007) (Oz, 2009) Conclusion The most effective strategy is the hybrid model. This is because it is concentrating on using flexibility and key concepts to assess / address any vulnerabilities. For all organizations, this makes them more prepared for the challenges they will face in the future.

This prevents security breaches through taking an all encompassing approach and objectively analyzing what is happening. (Veiga, 2007) (Oz, 2009) In your own words write what you think of the article The article is very informative. It shows which tactics are commonly utilized by organizations and their potential weaknesses. To deal with key challenges a new idea is proposed by Veiga. It is taking the best from these theories and combining them together (under the hybrid model). This gives organizations a working strategy they can implement on their own. (Veiga, 2007).