Information Security Governance Papers
|
Paper Title
|
Entrust- Secure Digital Identities and Information Security Governance (ISG) An Essential Element of Corporate Governance
|
|
The Abstract of The Paper
|
As a worldwide leader in identity and access management solutions, Entrust takes information security very seriously. Just as our customers depend on robust security solutions, so do we as a company. Given our leadership role and the increasing emphasis on cyber security, I directed Entrust’s management team last year to undertake a sweeping review of the security of our internal operations. In doing so, we discovered that cyber security is best viewed, not solely as a technology challenge, but as a corporate governance issue. Moreover, like quality assurance, it requires continuous, incremental improvement over time. We also discovered that the framework necessary to systematically integrate information security into corporate governance is lacking.
Because it is imperative for the broader software industry to have an information security framework, I approached the Business Software Alliance (BSA) to see how the industry could best work together. At their recommendation, I co-chaired a task force of leading software companies that profiled a framework in its October 2003 report, Information Security Governance: Toward a Framework For Action.
As a result of the work with BSA, I was asked to co-chair a blue ribbon Corporate Governance task force at the National Cyber Security Summit hosted by the Department of Homeland Security and the National Cyber Security Partnership. The goal of this task force was to achieve consensus on an information security governance framework with broad application to business, educational institutions and non-profit organizations. This report, Information Security Governance: A Call to Action, was released in April 2004 and is summarized in the pages that follow.
As seen during the task force process, industry is rising to the cyber security challenge. We still have a lot of work before us, but increasingly we have a framework and process for how best to approach the problem and the toolset necessary for success.
By integrating information security into our corporate governance processes, we can allow for the deep integration with customers, suppliers, partners and other stakeholders that is so important to the extended enterprise, while protecting the critical infrastructure that is a cornerstone of our homeland security.
Please join us in embracing this vital corporate and civic responsibility.
|
|
Web Link
|
http://www.google.com.sa/search?hl=ar&source=hp&q=Information+Security+Governance+ *.PDF&meta=&aq=f&oq=
|
Back To Information Security Governance Papers List