IT Security Governance Innovations: Theory and Research
IT security can no longer be considered a technical issue; it is a process that involves the whole company. It is widely accepted that security needs to reach the governance level so that senior directors understand the risks and the opportunities, and have assurance that these are being properly and continuously managed.
The assumption of this important role has led, in the last few years, to the development of many initiatives (frameworks, standards, etc.) to foster IT Governance inside any corporation, such as CobiT or ISO/IEC standards (ISO/IEC 27000, ISO/IEC 38500…). From a global perspective, this diversity, also found in the context of technical security issues, has led us to regard their application as a very complex process that is hard to understand and has a very difficult implementation curve.
In order to facilitate the adoption of IT Security Governance by different types of organizations, the objective of this book is to compile existing approaches, standards, best practices and new trends in IT Security Governance. The book will highlight the main contributions and characteristics of each one. From the theoretical and practical perspectives, this book is intended to address security during the whole IT Security Governance implementation lifecycle, from IT risk-based security goals and policies up to the IT security governance tools and metrics implemented by the most sound IT security standards or guidelines for each specific scenario. This book would also help managers to be aware of the limitations of current approaches and the gaps which need to be covered in order to achieve a complete integration of security governance within global governance.
Dr. Daniel Mellado
Spanish Tax Agency, IT Auditing Unit (Madrid, Spain)
Email: damefe@esdebian.org