JavaScript is disabled for your browser. Some features of this site may not work without it.
| dc.contributor.author | Da Veiga, Adele
|
|
| dc.contributor.author | Eloff, Jan
|
|
| dc.date.accessioned | 2014-11-07T09:10:13Z | |
| dc.date.available | 2014-11-07T09:10:13Z | |
| dc.date.issued | 2007 | |
| dc.identifier.citation | To cite this Article: Da Veiga, A. and Eloff, J. H. P. (2007) 'An Information Security Governance Framework', Information Systems Management, 24:4, 361 - 372 To link to this article: DOI: 10.1080/10580530701586136 URL: http://dx.doi.org/10.1080/10580530701586136 | |
| dc.identifier.issn | 1058-0530 | |
| dc.identifier.uri | http://hdl.handle.net/10500/14338 | |
| dc.identifier.uri | http://dx.doi.org/10.1080/10580530701586136 | |
| dc.description | Please follow the doi link at the top of this record to view the online published version of this article | |
| dc.description.abstract | Information security culture develops in an organization due to certain actions taken by the organization. Management implements information security components, such as policies and technical security measures with which employees interact and that they include in their working procedures. Employees develop certain perceptions and exhibit behavior, such as the reporting of security incidents or sharing of passwords, which could either contribute or be a threat to the securing of information assets. To inculcate an acceptable level of information security culture, the organization must govern information security effectively by implementing all the required information security components. This article evaluates four approaches towards information security governance frameworks in order to arrive at a complete list of information security components. The information security components are used to compile a new comprehensive Information Security Governance framework. The proposed governance framework can be used by organizations to ensure they are governing information security from a holistic perspective, thereby minimising risk and cultivating an acceptable level of information security culture. | en |
| dc.language.iso | en | en |
| dc.publisher | Information Systems Management | en |
| dc.subject | information security governance framework | en |
| dc.subject | information security components | en |
| dc.subject | information security culture | en |
| dc.subject | information security behaviour | en |
| dc.title | An Information Security Governance Framework | en |
| dc.type | Article | en |
| dc.description.department | Computing | en |
Files in this item
| Files | Size | Format | View |
|---|---|---|---|
|
There are no files associated with this item. |
|||