A model of information security governance for e-business
Document Type
Book Chapter
Publisher
Idea Group Publishing
Editor(s)
Warkentin, M., & Vaughn, R.B.
Faculty
Faculty of Business and Law
School
School of Management
RAS ID
4018
Abstract
This chapter identifies various levels of governance followed by a focus on the role of information technology (IT) governance with reference to information security for today's electronic business (e-business) environment. It outlines levels of enterprise, corporate, and business governance in relation to IT governance before integrating the latter with e-business security management. E-business has made organisations even more reliant on the application of IT while exploiting its capabilities for generating business advantages. The emergence of and dependence on new technologies, like the Internet, have increased exposure of businesses to technology-originated threats and have created new requirements/or security management and governance. Previous IT governance frameworks, such as those provided by the IT Governance Institute, Standards Australia, and The National Cyber Security Partnership,-have not given the connection between IT governance and e-business security sufficient attention. The proposed model achieves the necessary integration through risk management in which the tensions between threat reduction and value generation activities have to be balanced.
DOI
10.4018/978-1-59140-911-3.ch001
Comments
Fink, D., Huegle, T., Dortschy, M. (2006). A Model of Information Security Governance for E-Business. In Warkentin, M., & Vaughn, R.B. (eds). Enterprise Information Systems Assurance and System Security. (pp. 1 - 15) Hershey, USA: Idea Group Inc. Available here.