Nalazite se na CroRIS probnoj okolini. Ovdje evidentirani podaci neće biti pohranjeni u Informacijskom sustavu znanosti RH. Ako je ovo greška, CroRIS produkcijskoj okolini moguće je pristupi putem poveznice www.croris.hr
izvor podataka: crosbi !

Holistic approach for governing information system security (CROSBI ID 633485)

Prilog sa skupa u zborniku | sažetak izlaganja sa skupa

Spremić, M. Holistic approach for governing information system security. 2013

Podaci o odgovornosti

Spremić, M.

engleski

Holistic approach for governing information system security

Over the past decade information system security issues has been treated mainly from technology perspective. That model of information security management was reactive, mainly technologically driven and rarely aligned to business needs. This paper goes a step further and considers it from the governance view, mainly aligning it with the risk management activities and stressing the necessity for a holistic approach in which the executive management should be involved. The main objective of the paper is to stress the importance of implementing information system security governance model as a proactive and holistic approach which aligns security mechanisms, procedures and metrics with governance principles, business drivers and enterprise strategic objectives. Information system security governance model is constructed, explained and discussed. Approaches to for information system security assurance are analysed and the phases and processes of its regular reviews (audits) explained in further details. The standards and legislation activities that help in that sense are evaluated. The holistic model of governing information system security risks as business risks is explained and discussed.

Information System Security Governance Model; IS Auditing; Holistic approach

nije evidentirano

nije evidentirano

nije evidentirano

nije evidentirano

nije evidentirano

nije evidentirano

Podaci o prilogu

2013.

objavljeno

Podaci o matičnoj publikaciji

Podaci o skupu

IAENG

predavanje

01.01.2013-01.01.2013

Hong Kong, Kina

Povezanost rada

Elektrotehnika, Računarstvo, Ekonomija