Information Security Governance Papers

# Paper Title
1 Information Security Governance Guidance for Board of Directors and Executive Management (2nd Edition)
2 Information Security Guide For Government Executives
3 Entrust- Secure Digital Identities and Information Security Governance (ISG) An Essential Element of Corporate Governance
4 The Use of Best Practice Standards and Guidelines in Information Security Governance
5 Developing Metrics for Effective Information Security Governance
6 Information Security Governance
7 Characteristics of Effective Security Governance
9 Governance of Information Security: New Paradigm of Security Management
11 The Building Security In Maturity Model
12 Payment Application Data Security Standard (PA-DSS) V1.2
13 Payment Card Industry (PCI) Data Security Standard
14 Roadmap to an Enterprise Security Program
15 Maturity of Practice
16 Information security: a corporate governance issue
17 Security management, integrity, and internal control in information systems
18 Information Security Governance in Japan
19 E-learning: Incorporating Information Security Governance
20 Information Security Governance: What, How and Why of IS Security
21 Information Security governance: COBIT or ISO 17799 or both
22 ISO/IEC Information & ICT Security and Governance Standards in practice
23 Information Security Governance Science & Engineering, Computers & IT
24 Legal implications of information security governance
25 Achieving Effective Information Security Governance: Challenges and Approaches
26 Cobit and other standards to improve IT Governance
27 Blending Corporate Governance with Information Security
28 A Methodology for Establishing an Information Security Governance Environment
29 A Responsibility Framework for Information Security
30 Information Security Governance - A Re-Definition
31 Information Security Governance
32 Security Engineering in IT Governance for University Information System
33 Security Governance for Enterprise VoIP Communication
34 Enterprise Security Governance; A practical guide to implement and control Information Security Governance (ISG)
35 Information Security Education, Training and Awareness
36 IT Risk Management
37 Organizing the Information Security Function
38 General Drawing of the Integrated Framework for Security Governance
39 Five Non-Technical Pillars of Network Information Security Management
40 E-Commerce and Security Governance in Developing Countries
41 Is the Information Security King Naked?
42 Information Security Governance for Executive Management
43 The Direct Part of the Model – An Information Security Policy Architecture
44 e-Governance: Two Views on Legal Environment
45 Access Control in Federated Databases: How Legal Issues Shape Security
46 Anti-corruption Information Systems and e-Government in Transforming Countries. A Point of View
47 In Law We Trust? Trusted Computing and Legal Responsibility for Internet Security
48 Information Security Governance: A model based on the Direct–Control Cycle
49 Information security governance: Due care
50 In a ‘trusting’ environment, everyone is responsible for information security
51 From information security to…business security?
52 A framework and assessment instrument for information security culture
53 Information security management standards: Compliance, governance and risk management
54 Government and industry should recognize that a significant regulatory regime already exists for information security
55 Industry should develop an information security governance framework that organizations can readily adopt
56 Government has already established a significant legislative and regulatory regime around IT security, and is considering additional action
57 Information security is often treated solely as a technology issue, when it should also be treated as a governance issue
58 There is already broad consensus on the actions necessary to remedy the problem
59 Lack of progress is due in part to the absence of a governance framework
60 Interpreting the Framework
61 Consistent with Key Security Practices
62 Analysis of information security efforts
66 The ISO 17799 and ISO 27001 Standards for Information Security Governance
74 The Benefits Of Using ISO 17799 And 27001
75 Related ISO Standards
76 The Analysts’ Views On ISO 17799 And 27001
77 The Caveats Of Using ISO 17799 And 27001
78 The 2007 U.S. Information Security Benchmark
79 ISO and IEC
80 ISO and IEC form JTC1
82 CAC/JTC1/SC27 - IT Security Techniques
83 ISO/IEC 27005
84 ISO/IEC 27002
85 ISO/IEC 27001
86 CAC/JTC1/WG6 - Corporate Governance of IT
87 ISO/IEC 27014 Information technology -- Security techniques -- Information security governance framework
88 Where does your organization stand in governing information security risk management, control strategy, and compliance?
89 Information Security Governance: Government Considerations for the Cloud Computing Environment
90 Become users of cloud computing services
91 Exhibit 2 | Private Cloud Illustration
92 Hybrid Clouds Information Security Management and Hybrid CCEs
93 Suitable framework that helps them address risks and ensures their requirements are met
94 Exhibit 5 | Information Security Governance Framework
95 Ensure consistency with the enterprise information Policy Portfolio Management Process security architecture Architect and Establish (Plan) Implement and Operate (Do) Monitor and Review (Check, Act)
96 will need to provide guidance on the minimum Architect and Establish (Plan) Implement and Operate (Do) Monitor and Review (Check, Act) information security and compliance management Management Processes Functional Processes Management
97 Exhibit 6 summarizes the models and their relative and SaaS builds on both IaaS and PaaS, resulting risk
98 Representative CCE-Related Artifacts of the Implementing and Operating the Information Plan Phase Security Program (DO)
99 significantly depending on CCE deployment and the • Clarify roles and responsibilities service models employed. However, other Booz Allen
100 Measure and report on compliance with legal, the cloud consumer); and clearly define accountability regulatory, and contractual requirements; internal for legal liability related to an information security policies; and technical guidelines and standards. breach in the cloud
101 Information Security Governance Structures
102 Measurement and Metrics
103 Continuous Assessment
104 Configuration Management
105 Network Monitoring
106 Incident and Event Statistics
107 Information Security Governance Challenges and Keys to Success
108 Cost Considerations and Reporting
109 Security Planning
110 Security Control Development
111 Developmental Security Test and Evaluation
112 Security Test and Evaluation
113 Inspection and Acceptance
114 System Integration/ Installation
115 Security Certification
116 Security Accreditation
117 Configuration Management and Control
118 Continuous Monitoring
119 Information Preservation
120 Media Sanitization
121 Hardware and Software Disposal
122 Risk Analysis
123 Control Analysis
124 Impact Analysis
125 Risk Determination
126 Control Recommendations
127 Results Documentation
128 Risk Mitigation
129 Evaluation and Assessment
130 Certification, Accreditation, and Security Assessments
131 Minimum Security Controls
132 Security Services and Products Acquisition
133 Incident Response
134 IT Governance
135 Governance: How to Deal with ICT Security in the Power Infrastructure?
136 Design and Delivery of Undergraduate IT Security Management Course
137 A Study on Feasibility and Establishment of a Security Grade Certification Scheme for the New IT Services
138 Electronic identity management in Sweden: governance of a market approach
139 Exploring the Role of Government in Information Technology Diffusion
140 Modeling and Construction of Web Services Security
141 Balancing Security and Democracy, and the Role of Expertise: Biometrics Politics in the European
142 Information technologies and the tragedy of the Good Will
143 Geoinformatics of Hotspot Detection and Prioritization for Digital Governance
144 Advances in sustainable security systems engineering with Drama Theory (DT) II
145 Trust: An Element of Information Security
147 Strengthen Cloud Computing Security with Federal Identity Management Using Hierarchical Identity-Based Cryptography
148 A Meta-process for Information Security Risk Management
149 A study on e-Taiwan information system security classification and implementation
150 Facilitating relational governance through service level agreements in IT outsourcing: An application of the commitment–trust theory
151 Security, risk analysis and governance: a practical approach
152 A prototype for assessing information security awareness
