Title

A Model of Information Security Governance for E-Business

Document Type

Book Chapter

Publisher

Idea Group Inc.

Editor(s)

Warkentin, M., & Vaughn, R.B.

Faculty

Business and Law

School

Management

RAS ID

4018

Comments

Originally published as: Fink, D., Huegle, T., Dortschy, M. (2006). A Model of Information Security Governance for E-Business. In Warkentin, M., & Vaughn, R.B. (eds). Enterprise Information Systems Assurance and System Security. (pp. 1 - 15) Hershey, USA: Idea Group Inc. Original book available here.

Abstract

This chapter identifies various levels of governance followed by a focus on the role of information technology (IT) governance with reference to information security for today's electronic business (e-business) environment. It outlines levels of enterprise, corporate, and business governance in relation to IT governance before integrating the latter with e-business security management. E-business has made organisations even more reliant on the application of IT while exploiting its capabilities for generating business advantages. The emergence of and dependence on new technologies, like the Internet, have increased exposure of businesses to technology-originated threats and have created new requirements/or security management and governance. Previous IT governance frameworks, such as those provided by the IT Governance Institute, Standards Australia, and The National Cyber Security Partnership,-have not given the connection between IT governance and e-business security sufficient attention. The proposed model achieves the necessary integration through risk management in which the tensions between threat reduction and value generation activities have to be balanced.

DOI

10.4018/978-1-59140-911-3.ch001

 

Link to publisher version (DOI)

10.4018/978-1-59140-911-3.ch001