مقاله انگلیسی رایگان در مورد مدل فرآیند برای اجرای سیستم های اطلاعاتی دولتداری امن – امرالد 2017

 

مشخصات مقاله
انتشار مقاله سال 2017
تعداد صفحات مقاله انگلیسی 34 صفحه
هزینه دانلود مقاله انگلیسی رایگان میباشد.
منتشر شده در نشریه امرالد
نوع مقاله ISI
عنوان انگلیسی مقاله A process model for implementing information systems security governance
ترجمه عنوان مقاله یک مدل فرآیند برای اجرای سیستم های اطلاعاتی دولتداری امن
فرمت مقاله انگلیسی  PDF
رشته های مرتبط مهندسی کامپیوتر، فناوری اطلاعات
گرایش های مرتبط امنیت اطلاعات، رایانش امن، مدیریت سیستمهای اطلاعات
مجله امنیت اطلاعات و کامپیوتر – Information & Computer Security
دانشگاه School of Computing – Robert Gordon University – Aberdeen – UK
کلمات کلیدی امنیت اطلاعات، دولتداری، چرخه دمینگ، ISO 27001، ISO 27002، COBIT
کلمات کلیدی انگلیسی information security, governance, Deming cycle, ISO 27001, ISO 27002, COBIT
کد محصول E6854
وضعیت ترجمه مقاله  ترجمه آماده این مقاله موجود نمیباشد. میتوانید از طریق دکمه پایین سفارش دهید.
دانلود رایگان مقاله دانلود رایگان مقاله انگلیسی
سفارش ترجمه این مقاله سفارش ترجمه این مقاله

 

بخشی از متن مقاله:
1. Introduction

Security governance is considered as the most appropriate method not only to gain control of security processes but also to guarantee alignment with business strategies (Rebollo, Mellado, Fernández-Medina, & Mouratidis, 2015). With increased cyber-attacks, and compliance failures, organizations are moving towards implementing security governance frameworks and standards. Hence, the problem of appropriate selection of adequate security controls and optimal risk treatment relies on international assurance standards (Rebollo et al., 2015). The current information security landscape is moving towards a more strategic approach, commonly referred to as information security governance (Dlamini, Eloff, & Eloff, 2007). Despite this approach, information security governance (ISG) is poorly understood, ill defined, and means multiple things to different people (Moulton & Coles, 2003). Considering the lack of empirical studies related to ISG methodology, the present study aims at complementing the body of literature on information security governance by developing, and empirically testing a theoretical model outlining the methodological process of ISG in an organization. IT governance and IS security is a tightly knit concept. ISG is directly related to three research subjects namely IT governance, corporate governance and information security (Rebollo, Mellado, & Fernández-Medina, 2012). Both security and governance have in common the concepts of trust in an organization and its practices, data safeguards, and operations that rely not only on sound governance practices but also on good security (Wilson, 2007). IT management teams (representing the governance perspective) and IS security management teams are expected to implement the elements of good governance in conjunction (Whitman & Mattord, 2014). Thus, it has been argued that the protection of information as a valuable asset should not be left solely to the chief information officer of an organization, but should be treated as a governance issue (Abu-Musa, 2010). Since information security within an organization encompasses technical, as well as strategic and legal, concerns, information security needs to be addressed as a corporate governance responsibility involving risk management, reporting and accountability on the part of executive leadership and boards of directors (Posthumus & Solms, 2004). In light of this concept, our research will explore the methodological process of integrating and implementing IS security and IT governance into a process model within an organization.

دیدگاهتان را بنویسید

نشانی ایمیل شما منتشر نخواهد شد. بخش‌های موردنیاز علامت‌گذاری شده‌اند *

دکمه بازگشت به بالا