A responsibility framework for information security

IFIP Advances in Information and Communication Technology

Volumn 193, Issue , 2005, Pages 205-221

  Posthumus, Shaun ^a   von Solms, Rossouw ^a  

^a NELSON MANDELA METROPOLITAN UNIVERSITY   (South Africa)

Author keywords

Accountability; Corporate Governance; Information Security Governance; Information Security Management; Responsibility

Indexed keywords

FINANCE; INFORMATION SYSTEMS; INFORMATION USE; SECURITY OF DATA; SECURITY SYSTEMS;

ACCOUNTABILITY; CORPORATE GOVERNANCE; INFORMATION SECURITY GOVERNANCE; INFORMATION SECURITY MANAGEMENTS; RESPONSIBILITY;

INFORMATION MANAGEMENT;

EID: 84879743356     PISSN: 18684238     EISSN: None     Source Type: Book Series    
DOI: 10.1007/0-387-31167-x_13     Document Type: Article

References (16)

1. Birman, K. P., 2000, The next generation internet: Unsafe at any speed. IEEE Computer, 33(S), 54-60.
2. BS 7799, 1999, BS 7799: Code of Practice for Information Security Management as a base for Certification.
3. Corporate Governance Task Force, 2004, Information Security Governance: A Call To Action. Available from: http://www. c y b e r p a r t n e r s h i p. o r g/InfoSecGov4_04.pdf.
4. Entrust, 2004, Information Security Governance (ISG): An Essential Element of Corporate Governance. Available from: h t t p://i t r e s e a r c h. f o r b e s. com/detail/RES/1082396487_7 02. html.
5. Gerber, M., & von Solms, R., 2001, From risk analysis to security requirements. Computers and Security, 20(1), 577-584.
6. Humphreys, E. J., Moses, R. H., & Plate, E. A., 1998, Guide to BS7799 Risk Assessment and Management. British Standards Institution.
7. IT Governance Institute, 2004, IT Strategy Committee. Available from: h t t p://w w w. I T g o v e r n a n c e. o r g/r e s o u r c e s. h t m.
8. IT Governance Institute, 2005, Information Security Governance: Guidance for Boards of Directors and Executive Management. Available from: h t t p: //vivivi. isaca. org/ContentManagement/ContentDisplay. cfm?ContentID=15 998.
9. King Report, 2001, The King Report on Corporate Governance for South Africa. Available from: http://www.iodsa.co.za/IoD%20Draft%20King% 20Report.pdf.
10. Posthumus, S., & von Solms, R., 2004, A framework for the governance of information security. Computers and Security, 23(8), 638-646.
11. Swindle, O., & Conner, B., 2004, The Link between Information Security and Corporate Governance. Available from: http://www.computerworld.com/securitytopics/security/story/0,10801,92915,00.html.
12. Thompson, K., & von Solms, R., 2003, Integrating information security into corporate culture. Masters dissertation. Nelson Mandela Metropolitan University, Port Elizabeth, South Africa.
13. Trillium Software, 2004, Corporate Governance and Compliance: Could Data Quality Be Your Downfall? Available from: http://www. t r i l l i u m s o f t w a r e. com/success/dqic.pdf.
14. Vericept Corporation, 2004, Preventing Identity Theft and Loss of Intellectual Property: The Importance of Information Security in Internal Controls and Corporate governance. Available from: http://www.vericept.com/Downloads/WhitePapers/Vericept_Fraud_IdentityTheft_WP.pdf.
15. Whitman, M. E., & Mattord, H. J., 2003, Principles of information security. In (pp. 153-190). Course Technology.
16. World Bank Group, 1999, Corporate Governance: A Framework for Implementation. Available from: http://www.worldbank.org/html/f p d/p r i v a t e s e c t o r/c g/d o c s/g c g f b o o k l e t. p d f.