Your All-in-One AI-Powered Toolkit for Academic Success.

+13062052269

info@desklib.com

Available 24*7 on WhatsApp / Email

Company

Tools

Support

Areas that should be given weight in information system governance

Verified

Added on 2023/04/05

AI Summary

This paper throw light into what should be given priorities when adopting information system governance. According to the article, third party vendors and policies should be among the priorities when improving information security governance.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.

Running head: INFORMATION SECURITY GOVERNANCE 1
Information security governance
Student
Institutional Affiliation
Tutor
Date

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

💎 Get Pro

INFORMATION SECURITY GOVERNANCE 2
Abstract
The purpose of this document is to develop is to present a research on information
security governance. Many authors have presented their views on information system
governance, however, information security governance is rarely examined. This paper looks at
information security governance in details.

INFORMATION SECURITY GOVERNANCE 3
Introduction
Information security governance and governance has become a topic of great interest in
the 21st century to most of researchers. Due to the increasing adoption of Information system
which is also vulnerable to various risks, individuals and organizations are increasingly
becoming interested in information governance. However, only a few research has made an
attempt to find more about information system governance. This has motivated me to venture
into this critical aspect. Thus the scope of this particular paper is to find out what information
security governance entails. The article will be arranged in the following structure: Abstract,
introduction, research question, research gap, methodology and result of findings.
Research questions
The study while targeting to achieve the aforementioned objective, will also attempt to
answer the following question: what does information system governance entails?
Research gap
Although many research on information system governance have been conducted, many
of these literature are only concerned with the key challenges of information security
governance. However, the role of the information security governance is rarely researched. This
has precipitated the need to examine the meaning of information security governance and its role
in information system.
Methodology used in the research

INFORMATION SECURITY GOVERNANCE 4
In order for the research to achieve its objective, the current landscape of literature on
information system governance mainly from the developing countries were examined; the
research was primarily base on the secondary sources
The research used different reference management applications including but not limited to
EndNote library and internet. “Information security governance” was used a key term for
research. Peer reviewed articles which are coherent with the subject of study will then be
selected for further analysis.
Results of the study
In as much as the current information security governance majorly ranges from the
detailed technical guidance to a more advanced principals as suggested by Dutta, Geiger &
Lanvin (2015), only a few elaborates information security governance. As sought by many
authors, the information security governance play a crucial role of ensuring the competitive
advantage of various companies. However, the term is broad as it is defined in various ways.
The word governance refers to the ability of a given company to be in a position to
manage its operation in order to keep away from conflict of interest regarding the organization
stakeholders. The term became more popular in situations which involve a large corporations.
Information security, on the other hand take a look at protection of information system in order
to keep away from frauds with malicious intentions. From this, information security governance
can therefore be said to be governance as well as regulation of information systems that is put
into place by an organization to prevent the system from access by frauds.
As a conclusion, this article has presented a study on what information security
governance entails, in doing so, it has examined views of a few authors on the subject of study

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

💎 Try AI Paraphraser

INFORMATION SECURITY GOVERNANCE 5
and it can be concluded that information system security involve not only a technical
advancement but also involves governance and regulation of information system in order to keep
system from unauthorized access.

INFORMATION SECURITY GOVERNANCE 6
References
Dutta, S., Geiger, T., & Lanvin, B. (2015). The global information technology report 2015.
In World Economic Forum(Vol. 1, No. 1, pp. P80-85).
Whitman, M., & Mattord, H. J. (2014). Information security governance for the non-security
business executive. Retrieved on 11th March, 2019 from:
<https://digitalcommons.kennesaw.edu/facpubs/3204/>

INFORMATION SECURITY GOVERNANCE 7
Integrating information security governance in organization
Abstract
The primary objective of this document is to examine the needs for a robust information
security governance. The research is done with the help of internet which helped in accessing
various sources for this research. It has identified critical infrastructure as one of the
requirements that should be given priority in setting up information security governance.

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

💎 Get Pro

INFORMATION SECURITY GOVERNANCE 8
Introduction
Information security governance has been determined to be essential in many
organizations in terms of responsibilities and information security management. System
intrusion, and theft among other security risk may compromise an organization’s information
system. This has led to the growth of the literature in a few decades that there is need of a
technical solution to solve the growing cybersecurity risk that has consumed many organizations.
Various frameworks have been made to help organizations in governing information system.
However, there have been challenges in adopting the frameworks to information system
governance. To date, there are a few research on why the standards are implemented in various
organization. This paper is aimed to examine the requirements for implementation of information
security governance. The paper is structured in the following manner: abstract, introduction,
research question, research gap, methodology used in the research and results of the research.
Research question
This research is intended to answer the following question: what are the requirements for
implementing information system governance?
Research gap
Various organizations have been affected with information security issues ranging from
loss or theft of personal information to interference with system which takes place most of the
time due to less effective information security governance. It is therefore more important to
implement a robust information security governance in order to minimize the security risk.
However, some of the companies does not know what to do and what to use. This has

INFORMATION SECURITY GOVERNANCE 9
precipitated the need to find out the requirements which are essential for effective information
system governance.
Methodology used for the research
This research utilized various techniques in achieving its objectives. Various sources
were used to ensure success for this research, the sources used for the research were mainly
internet sources. The key terms used for search was: “requirements for an effective information
security.” Important sources were used for this research as others were eliminated.
Results of the research
The examination of literature show that various companies got formed around critical
infrastructure issues among other cases. As far as information security governance is concerned,
different organizations were found to be having strategic imperative and material practices hence
a multiplicity of various social and cultural beliefs and norms among others. This supports
claiming done by Flores, Antonsen & Ekstedt (2014) on how critical infrastructures can affect
effective information security in many organization. Critical infrastructure is an essential
requirement in establishment of a robust information security governance.
In summary, this article has looked at the important consideration that is essential for a
good information security governance. In doing so, the research has examined various literature
and it is found that critical infrastructure should be one of the priorities in adopting an effective
information security governance.

INFORMATION SECURITY GOVERNANCE
10
Reference
Flores, W. R., Antonsen, E., & Ekstedt, M. (2014). Information security knowledge sharing in
organizations: Investigating the effect of behavioral information security governance and
national culture. Computers & Security, 43, 90-110.
Human aspect of information security governance
Abstract

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

💎 Try AI Paraphraser

INFORMATION SECURITY GOVERNANCE
11
Human beings and technology goes hand in hand in information security governance.
This involves governance of individual’s behavior in order to ensure security within information
system which is studied in details in this document. The paper also examines the importance of
personnel in information system security governance and find that technology and human beings
should be integrated in order to enhance information security governance.
Introduction
One of the top priorities in various organizations is the information security management
initiative. It helps in protection of critical infrastructure in information system to ensure a proper
internal control, liability and responsibility. Of late, there have been many incidents of
information system failure, data breach among other information security risks is an indication is
a need for double checking the current information management system and implement a system
which is more stringent in order to ensure system security. Human aspect of information system
include management of people in an organization in order for the organization’s employees to
show some conformity as far as rules and regulations is concerned. As such, this article shall
address human aspect of information security in organizations. This paper is structured as
follows: introduction which illustrates motivation and scope of the research, research question
which the research attempts to answer, research gap, methodology and results.
Research question
This research attempts to answer the following question: what is the relevance of
behavior perspectives in information security governance?

INFORMATION SECURITY GOVERNANCE
12
Research gap
Examination of literature suggest that there are abundant research regarding formal and
technical control for information security management, however, security governance at
human/personnel level is rarely given attention in the literature on security governance. Avery
(2017) hold that information security in the aspect of human/personnel is important for
alignment of information. As such, this article is intended to examine the importance personnel
as far as information system security is concerned.
Methodology used for the research
For the purpose of this particular document, relevant literature on information system
governance were examined from different scholarly sources including journals, periodicals and
internet. A journal of specialists in information system technology were the ones which were
being selected. Periodicals selected were analyzed on one domain that is theoretical domain
which gave the human aspect of information security governance priority.
Results of the research
According to the survey of literature, it was found that human beings are the weakest link
in information system security (Mann, 2017). The author further stated that the insider threat is
where the majority of breaches fall. As such, human being’s organic nature requires a real time
as well as dynamic information governance system where organization personnel are the people
who initiate and manage such kinds of security governance efforts. As a result both human being
and technology are inherent part of information system management.

INFORMATION SECURITY GOVERNANCE
13
To condense, this article has just examined the relevance of human beings in relation to
information security management and it has been found that human beings are critical to ensure a
complete information security governance.
Reference
Mann, I. (2017). Hacking the human: social engineering techniques and security
countermeasures. Routledge.
Avery, E. J. (2017). Public information officers’ social media monitoring during the Zika virus
crisis, a global health threat surrounded by public uncertainty. Public Relations
Review, 43(3), 468-476.

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

💎 Get Pro

INFORMATION SECURITY GOVERNANCE
14
Areas that should be given weight in information system governance
Abstract
This paper throw light into what should be given priorities when adopting information
system governance. According to the article, third party vendors and policies should be among
the priorities when improving information security governance.
Introduction
In the worldwide scene of data security administration, security dangers are as yet
developing and there is no expectation that it will end soon. This has prompted a steady test
among people, associations and the security network on the loose. Many organizations have tried
various means for mitigating information system attack to no avail. Further, information security
literature that is available does not provide enough information on this fundamental aspect. This
has made me to develop an interest in this particular area. As such this document’s main intent is
to find out the areas that should be given priorities in information system governance. This paper
will be arranged as follows: abstract, introduction, research questions, research gap,
methodologies used in the research, and the research results.
Research question

INFORMATION SECURITY GOVERNANCE
15
As it explores the subject of study, this research paper is intended to solve the following
question: What are the areas which are necessary to be given weight in information security
governance?
Research gap
Having security program in place is one of the preliminary actions information
governance program in order to implement information security. However, among the programs,
some should be given priority while implementing information system security management. As
a result and due to the reason that a few information technology literature address this critical
aspect which involve decision making, it is important to find out what are the essential elements
to consider when adopting information security management system.
Methodology used
A survey of articles was conducted online for this article. A number of sources were
reviewed and the sources which were coherent with the subject of study were selected and put
aside for further examination.
Results
Because main expectation of different associations is to secure their items as it is their
substance's innovation that drives the corporate's income show since it depends on enormous
discharges so as to help the enthusiasm of its clients and subsequently more return, associations
must actualize probably the most developed cybersecurity protection in their corporate world.
Vulnerabilities from the outsiders in the association is a basic danger to the corporate's security

INFORMATION SECURITY GOVERNANCE
16
framework and can prompt loss of the association's restrictive properties (Patnayakuni &
Patnayakuni, 2014). It is accounted for that the association's security faculty were not shocked by
the assault in spite of the subtleties of the episode being uncovered. This is on the grounds that
the association has gotten a few alerts before about the vulnerabilities at the outsider sellers for
the year. By and large, security the board of numerous association never coordinate, neither do
the associations consider the foundation of relevant strategies as a countermeasure for such
digital assaults (Flores, Antonsen & Ekstedt 2014).
In conclusion, it can be suggested that third party vendors is one potential risk that should
be given priority when implementing information management system. Policy is another
essential risk that should not also be ignored in information security governance.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

💎 Try AI Paraphraser

INFORMATION SECURITY GOVERNANCE
17
References
Flores, W. R., Antonsen, E., & Ekstedt, M. (2014). Information security knowledge sharing in
organizations: Investigating the effect of behavioral information security governance and
national culture. Computers & Security, 43, 90-110.
Patnayakuni, R., & Patnayakuni, N. (2014). Information security in value chains: a governance
perspective.

INFORMATION SECURITY GOVERNANCE
18
Importance of security management and governance
Abstract
This archive is expected to give an exploration on the significance of data security
administration. Data security administration is much the same as an association's sensory system.
It is a central part of each association exercises as it ensures privacy, accessibility.
Introduction
Data security administration is an exceeding procedure that includes assurance of
frameworks, organize just as other data resources for keeping them from security dangers

INFORMATION SECURITY GOVERNANCE
19
through administration. The advantages that different associations have accomplished by security
the executives' plan are sweeping, however, only a few literature have developed interest into
this critical perspective. This has motivated me to venture into this critical aspect of information
security. Data security administration is an exceeding procedure that includes insurance of
frameworks, organize just as other data advantages for keep them from security dangers through
administration. The advantages that different associations have accomplished by security the
executives plan are extensive.
Question
While performing doing a survey on the topic of study, the paper will attempt to answer
the below stated question: what are the importance of information security governance?
Research gap
The importance of information system is overwhelming, ranging from responsibility and
safety of an organization’s sensitive information. Despite, only a few information security
governance literature have developed interest in the subject area. This leads to a need for more
research on this subject.
Methodology
For this project to be completed, it utilized both primary and secondary approaches. The
primary approach used involved the use of questioners which was distributed to various
organizations that helped in finding various views on the importance of the information security
governance.

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

💎 Get Pro

INFORMATION SECURITY GOVERNANCE
20
Secondary approached used, however, involve the use of reference management
application known as google scholar to retrieve references. Only references which were within
the range of 2013 to 2019 and coherent with the topic of study were chosen and analyzed.
Results of the research
Various literature have examined advantages and disadvantages of information security.
Tallon, (2013) expound the plan for security management prompts identification of risks.
Security the executives arranging encourages discovery and examination of security risks that
may bargain framework in this way starting a prompt activity. Following the vital points of
interest of executing the security of the executive method, it is basic that each association receive
the security the board program (Borgman, Bahli, Heier, and Schewski, 2013). As a basic activity
to wander into this major viewpoint, the association workforce will play their jobs and
obligations as characterized in the accompanying area.
To summarize, the document has just analyzed the benefits of information security and it
can be seen that it has far reaching benefits thus it is important that every organization adopt it in
order to protect system from frauds.
References

INFORMATION SECURITY GOVERNANCE
21
Borgman, H. P., Bahli, B., Heier, H., & Schewski, F. (2013, January). Cloudrise: exploring cloud
computing adoption and governance with the TOE framework. In 2013 46th Hawaii
international conference on system sciences (pp. 4425-4435). IEEE.
Tallon, P. P. (2013). Corporate governance of big data: Perspectives on value, risk, and
cost. Computer, 46(6), 32-38.
Information security framework

INFORMATION SECURITY GOVERNANCE
22
Abstract
This article examines various frameworks that are essential in information security
governance. The study has analyzed various framework and selected one framework that is most
preferable for information security governance. A survey of literature is conducted, and the
outcome uplifts the idea of implementing the NIST framework.
Introduction

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

💎 Try AI Paraphraser

INFORMATION SECURITY GOVERNANCE
23
The utilization of data security administration has turned into a basic part of information
insurance in present-day associations. For an association to give dependable and secure
methodologies to access to its data innovation frameworks, it must set up an unmistakable
structures based strategy for dealing with its activities. It is therefore important to examine
frameworks and determine the best framework for information security management. The
document is structured in the following manner: abstract, introduction, research question, the
research gap, methodology and the results of the research.
Research questions
This document look forward to answering the following question: what is the
recommended framework for information security governance?
Research gap
There are many literature on the information security governance. Most of the literature
are mainly based on ways of improving information system security governance. However, it has
been rare that an information technology literature suggest the most appropriate cybersecurity
framework for a pertinent information security governance. As a result this paper will look into
the most suitable framework for information security governance.
Methodology
This research primarily used secondary sources. The secondary sources used involve
books from google library and EndNote library. While searching the books a key term:
“information security governance framework” was used. Several literature were obtained,
however, only a few that were relevant to the subject of study were reviewed.

INFORMATION SECURITY GOVERNANCE
24
Findings and discussion of the research
First of all, it was important to know find out what a framework is, a security framework
includes a nonexclusive plan of security the executives given by organizations. There are
different security structures out there however just a couple are suitable in data security
administration, some of which incorporate Common Objectives for Information and Related
Technologies COBIT, National Institute of Standard Technology (NIST) and International
Organization for Standardization (ISO) (Fitzgerald, 2016). The NIST is a fundamental model
that each association ought to think about while detailing security the board program, in any
case, it very well may be costly. In addition, what might be the expense of losing basic data that
is the center segment of a plan of action? If a digital assault happens, an association can diminish
its obligation if the corporation can demonstrate that it was doing everything conceivable to keep
its assets from security hazards by utilizing the National Institute of Standard and Technology
NIST system as an establishment (De Haes, Van Grembergen and Debreceny, 2013). ISO, then
again, is an overall alliance which is comprised of the common standard of bodies.
As a conclusion, NIST has overreaching significance, it is therefore preferred to many
other framework furthermore, it will be utilized as a structure in building up the significant
security program that would be actualized for information security governance to secure critical
infrastructure and assets.

INFORMATION SECURITY GOVERNANCE
25
References
De Haes, S., Van Grembergen, W., & Debreceny, R. S. (2013). COBIT 5 and enterprise
governance of information technology: Building blocks and research
opportunities. Journal of Information Systems, 27(1), 307-324.
Fitzgerald, T. (2016). Information security governance simplified: from the boardroom to the
keyboard. CRC Press.

1 out of 25

+13062052269

info@desklib.com

Areas that should be given weight in information system governance

Contribute Materials

Secure Best Marks with AI Grader

Paraphrase This Document

Secure Best Marks with AI Grader

Paraphrase This Document

Secure Best Marks with AI Grader

Paraphrase This Document

Secure Best Marks with AI Grader

Paraphrase This Document

Related Documents

A Critique of an Article on Software Testing the Cloud

Resolving System Overload

Evolution of File System and Its Future

Annotated Bibliography on Challenges and Strategies in Construction Sector

Critical Review on Entrepreneurial Education in Swedish Education System

Research Methods in Hotel Industry