Conference Proceedings

Information Security Governance: A Case Study of the Strategic Context of Information Security

TERRENCE Tan, S Maynard, A Ahmad, undefined Ruighaver

Proceedings ot the 21st Pacific Asia Conference on Information Systems: ''Societal Transformation Through IS/IT'', PACIS 2017 | Association for Information Systems | Published : 2017


Security governance influences the quality of strategic decision-making towards ensuring that investments in security are not wasted. Security governance involves a range of activities including adjusting organisational structures, designating roles and responsibilities, allocating resources, managing risks, measuring results, and gauging the adequacy of security audits and reviews. We draw on a case study to identify three security issues in an organisation around strategic context. These are (1) limited diversity in decision-making; (2) lack of guidance in corporate-level mission statements to security decision-makers; (3) a bottom-up approach to security strategic context development. We ..

View full abstract

Citation metrics